Haptic and audio authentication: empirically exploring the usability, security and feasibility of non-visual passwordsHaptic and audio authentication: empirically exploring the usability, security and feasibility of non-visual passwords
Password entry systems in public spaces are inherently exposed to attacks based on observation, an increasingly common and damaging approach. To address this issue, researchers have explored the use of invisible input modalities, such as haptics and audio, as defenses against this threat. Despite a wide range of proposed systems and considerable recent progress, there are currently no general design guidelines expressing how password input systems based on invisible modalities should be constructed. This thesis addresses this lack. It discusses state of the art techniques for haptic and audio password entry and, based on an analysis of the underlying tradeoffs, proposes criteria for the design of usable, secure and effective password entry systems based on invisible input modalities. By showing the empirical results of user studies with several haptic and audio systems, it argues that non-visual passwords based on haptics or audio, and counting-based scheme, provide advantages when compared than traditional alpha-numerical passwords. The nature of these advantages is both in terms of usability and security against attacks based on observation. It also argues that the design guidelines presented in this work are also already applicable and suitable to a wide range of interfaces tackling demanding non-visual interaction tasks. Future work and limits of this approach are as well discussed.