An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Adequate user authentication is a persistent problem, particularly with mobile devices such as Personal Digital Assistants (PDAs), which tend to be highly personal and at the fringes of an organization's influence. Yet these devices are being used increasingly in military and government agencies, hospitals, and other business settings, where they pose a risk to security and privacy, not only from sensitive information they may contain, but also from the means they typically offer to access such information over wireless networks. User authentication is the first line of defense for a mobile device that falls into the hands of an unauthorized individual. However, motivating users to enable simple PIN or password mechanisms and periodically update their authentication information is difficult at best. This paper describes a general-purpose mechanism for authenticating users through image selection. The underlying rationale is that image recall is an easy and natural way for users to authenticate, removing a serious barrier to users' compliance with corporate policy. The approach described distinguishes itself from other attempts in this area in several ways, including style-dependent image selection, password reuse, and embedded salting, which collectively overcome a number of problems in employing knowledge-based authentication on mobile devices.
Ayers, R.
and Jansen, W.
(2004),
PDA Forensic Tools: an Overview and Analysis, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.7100, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=150443
(Accessed October 13, 2024)