graphical password

A graphical password is easier than a text-based password for most people to remember. Suppose an 8-character password is necessary to gain entry into a particular computer network. Instead of w8KiJ72c, for example, a user might select images of the earth (from among a screen full of real and fictitious planets), the country of France (from a map of the world), the city of Nice (from a map of France), a white stucco house with arched doorways and red tiles on the roof, a green plastic cooler with a white lid, a package of Gouda cheese, a bottle of grape juice, and a pink paper cup with little green stars around its upper edge and three red bands around the middle.

Graphical passwords may offer better security than text-based passwords because many people, in an attempt to memorize text-based passwords, use plain words (rather than the recommended jumble of characters). A dictionary search can often hit on a password and allow a hacker to gain entry into a system in seconds. But if a series of selectable images is used on successive screen pages, and if there are many images on each page, a hacker must try every possible combination at random. If there are 100 images on each of the 8 pages in an 8-image password, there are 100⁸, or 10 quadrillion (10,000,000,000,000,000), possible combinations that could form the graphical password! If the system has a built-in delay of only 0.1 second following the selection of each image until the presentation of the next page, it would take (on average) millions of years to break into the system by hitting it with random image sequences.

Read more about graphical password: - David Bensinger, Ph.D. has written a white paper entitled "Human Memory and the Graphical Password." - "The Design and Analysis of Graphical Passwords" by Ian Jermyn and others provides a technical presentation. - SearchSecurity.com has a story called "Graphical passwords still far from picture perfect."

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Former LendingTree employees pilfer firm's customer database The online mortgage lending exchange site said several of its former employees shared their passwords with unapproved lenders to access customer... Hitachi acquires M-Tech Systems for identity management M-Tech will become Hitachi ID Systems under the deal. The M-Tech acquisition is part of a broader trend of companies aggressively acquiring IAM... Worst practices: Exposing IAM blunders Joel Dubin exposes the most common IAM blunders, and enlightens information security professionals on how to prevent these mistakes.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary identity chaos  (SearchSecurity.com) logon  (SearchSecurity.com)