Doodles secure smartphones better than passwords, according to research

In addition to traditional passwords exist hand gestures and “connect-the-dots” password varieties that provide extra protection for smartphone users. Soon, you may be able to log-in with different kind of gestures, such as finger sweeps or doodling using one or more fingers, too.

So, is this method better?

Researchers from Rutgers University have performed the first study of these free-form gesture passwords for smartphones, discovering that free-form gesture passwords serve as a serious alternative to text or other log-in methods, especially for mobile devices. Free-form gesture passwords are suitable for touchscreens, faster to use, easy to remember and harder to guess than ordinary passwords.

(Image Credit: Cameron Bowman/Rutgers University)
(Image Credit: Cameron Bowman/Rutgers University)

“Preventing people from hacking into your smartphone is a major issue, and it becomes even more important because people carry their smartphones everywhere,” said Janne Lindqvist, study coauthor and an assistant professor in the Department of Electrical and Computer Engineering in the School of Engineering. “Getting access to somebody’s phone can give a lot of information about that person and make them vulnerable to lots of different kinds of attacks than can have financial and other repercussions.”

Other research teams have backed-up these finding with evidence that text passwords and PINs were hard to use, easy to compromise and unsuitable for mobile devices. Some of their shortcomings include limited password space, susceptibility to “shoulder surfing” and slow entry, according to Lindqvist.

“If you get access to a typical smartphone, that can reveal their whole social network,” said Lindqvist, coauthor of a recent study on Bitcoin, a controversial virtual currency. “People take photos with them. They might be just completely innocent photos of their family, but they might still not want them in the public. People do online banking with them.”

The study

The Rutgers team conducted their research with 91 test subjects, monitoring how they used free-form gesture passwords in their daily lives. Software was installed on their Android smartphones and the participants created 347 text passwords and 345 gesture passwords. They then completed 2,002 log-in tasks.

The participants created passwords for various accounts, including online banking, social network, email, online gaming, online dating, shopping, online courses and music streaming.

The researchers found that almost 50% of participants preferred shapes and letters for their gesture passwords versus lines (15.76%). Ninety three percent also preferred single-finger gestures over multi-finger ones.

When gesture passwords were used, participants even spent 22% less time logging in and 42% less time creating passwords, on average.

According to Lindqvist, free-form gestures could even be used on laptops and tablet/laptop combos with touch screens, as well as doors with touch screens in places of key locks or swipe cards. Eventually they could reach the field of Internet services, too.

Comments are closed, but trackbacks and pingbacks are open.