Towards Usable and Secure Graphical Passwords for Smartphones
Hyoungshick Kim, Associate Professor
Professor Hyoungshick Kim is an associate professor in the Department of Software, Sungkyunkwan University. He is also a visiting scientist with CSIRO’s Data61. He received a BS degree from the Department of Information Engineering at Sungkyunkwan University, an MS degree from the Department of Computer Science at KAIST and a PhD from the Computer Laboratory at the University of Cambridge in 1999, 2001 and 2012, respectively. After completing his PhD, he worked as a post-doctoral fellow in the Department of Electrical and Computer Engineering at the University of British Columbia. He previously worked for Samsung Electronics as a senior engineer from 2004 to 2008. His current research interests are usable security and blockchain.
We will discuss basic principles to help audiences develop more secure and usable solutions through many real-world examples and introduce recent research results about graphical passwords for smartphones. I will explain that while usability and security are often seen as competing design goals, in practice security mechanisms have to be usable to be effective. Wrong assumptions about users can lead to systems that are useless and vulnerable, with many security solutions failing because of poor usability. Therefore, it is challenging to develop practical and secure user authentication schemes without relying on those wrong assumptions. In this talk, I will explain the security and usability limitations of existing Android graphical passwords and propose a new direction of graphical password schemes.