This article has been reviewed according to Science X's editorial process and policies. Editors have highlighted the following attributes while ensuring the content's credibility:


trusted source


The end of text-based passwords? 'Transparent image moving' provides a new solution

iphone password
Credit: Unsplash/CC0 Public Domain

It's past time the world moves away from text-based passwords and verifications for mobile phones and starts embracing more secure image-based solutions, say computer scientists from the University of Surrey.

In a new study, Surrey scientists demonstrate an image-based authentication system called TIM (Transparent Image Moving) for mobile phones to help reduce the risk of shoulder surfing attacks. TIM requires users to select and move predefined images to a designated position for passing authentication checks, similar to those required for .

The proof-of-concept study found that 85% of TIM users believed it could help them to prevent password guessing and shoulder surfing attacks. The study also found that 71% of participants think TIM is a more usable image-based solution than others on the market. The research has been published in the Journal of Information Security and Applications.

Dr. Rizwan Asghar, co-author of the paper for the University of Surrey, said, "We spend much of our lives on our mobile phones, and we depend on them for activities such as banking, shopping and for keeping up with our loved ones. However, it is striking how little innovation and progress has been made in how we protect this activity and our most . We believe imaged-based and interactive authentication processes like TIM are a step in the right direction."

Shoulder surfing is a attack in which someone records , such as passwords or , entered by a victim on a computer screen or a mobile device by looking over their shoulder or from a distance. Shoulder surfing attacks often occur in crowded public places such as airports, , or public transportation.

Dr. Asghar states, "The current text-based status quo offers trade-offs between usability and security. While short text-based passwords are easy to remember, they are not secure enough and leave you vulnerable to password guessing or shoulder surfers. Long-text passwords are winners in terms of security but are incredibly difficult for users to remember.

"It's promising that many of our participants found TIM to be useable and didn't find the learning curve to be too steep. This suggests that the market could be ready for image-based alternatives to mobile security."

More information: Gi-Chul Yang et al, TIM: Secure and usable authentication for smartphones, Journal of Information Security and Applications (2022). DOI: 10.1016/j.jisa.2022.103374

Citation: The end of text-based passwords? 'Transparent image moving' provides a new solution (2023, March 23) retrieved 26 February 2024 from
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.

Explore further

New system for protecting picture passwords using adjustable distortion


Feedback to editors