A graphical password is an authentication system that works by having the user select from images, in a specific order, presented in a graphical user interface (GUI). For this reason, the graphical-password approach is sometimes called graphical user authentication (GUA).
A graphical password is easier than a text-based password for most people to remember. Suppose an 8-character password is necessary to gain entry into a particular computer network. Instead of w8KiJ72c, for example, a user might select images of the earth (from among a screen full of real and fictitious planets), the country of France (from a map of the world), the city of Nice (from a map of France), a white stucco house with arched doorways and red tiles on the roof, a green plastic cooler with a white lid, a package of Gouda cheese, a bottle of grape juice, and a pink paper cup with little green stars around its upper edge and three red bands around the middle.
Graphical passwords may offer better security than text-based passwords because many people, in an attempt to memorize text-based passwords, use plain words (rather than the recommended jumble of characters). A dictionary search can often hit on a password and allow a hacker to gain entry into a system in seconds. But if a series of selectable images is used on successive screen pages, and if there are many images on each page, a hacker must try every possible combination at random. If there are 100 images on each of the 8 pages in an 8-image password, there are 100^8, or 10 quadrillion (10,000,000,000,000,000), possible combinations that could form the graphical password! If the system has a built-in delay of only 0.1 second following the selection of each image until the presentation of the next page, it would take (on average) millions of years to break into the system by hitting it with random image sequences.
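The arithmetic behind those figures, as an added example that is not part of the original definition: it sizes the search space of the 8-page, 100-image scheme and compares it with two text-password cases under the same throttle. Assumptions: every image is equally likely to be chosen, the 0.1-second delay is paid after each of the 8 selections, random text passwords use 62 letters and digits, and the 100,000-entry word list is a constructed stand-in for "plain words".

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def search_space(choices_per_position: int, positions: int) -> int:
    """Count equally likely secrets when each position is chosen independently."""
    return choices_per_position ** positions


def entropy_bits(space: int) -> float:
    """Express a search space as bits of entropy (log2 of its size)."""
    return math.log2(space)


def average_years_to_guess(space: int, seconds_per_attempt: float) -> float:
    """A random search succeeds, on average, after about half the space is tried."""
    return (space / 2) * seconds_per_attempt / SECONDS_PER_YEAR


def compare_schemes(delay_per_selection: float = 0.1, pages: int = 8) -> dict:
    """Compare the page's graphical scheme with two text-password cases."""
    # Assumption: one full attempt costs one delay per selected image.
    seconds_per_attempt = pages * delay_per_selection
    spaces = {
        # From the page: 100 images on each of 8 pages.
        "graphical_100_images_x_8": search_space(100, pages),
        # Assumption: 8 characters from a-z, A-Z, 0-9, like w8KiJ72c.
        "random_text_62_chars_x_8": search_space(62, 8),
        # Assumption: constructed 100,000-entry word list for "plain words".
        "dictionary_word": 100_000,
    }
    # The same throttle is applied to every scheme so that only the size
    # of the search space differs between rows.
    return {
        name: {
            "space": space,
            "bits": round(entropy_bits(space), 2),
            "avg_years": average_years_to_guess(space, seconds_per_attempt),
        }
        for name, space in spaces.items()
    }


if __name__ == "__main__":
    for name, row in compare_schemes().items():
        print(f"{name:28} {row['space']:>22,} {row['bits']:>6} bits "
              f"{row['avg_years']:.3g} years")
```

The result depends on the uniform-choice assumption: if users favour some images over others, the effective search space is smaller than 100^8.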
Last updated: 04 Jun 2007