Activpass: Your daily activity is your password

Sourav Kumar Dandapat, Swadhin Pradhan, Bivas Mitra, Romit Roy Choudhury, Niloy Ganguly

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

This paper explores the feasibility of automatically extracting passwords from a user's daily activity logs, such as her Facebook activity, phone activity etc. As an example, a smartphone might ask the user: "Today morning from whom did you receive an SMS ?" In this paper, we observe that infrequent activities (i.e., outliers) can be memorable and unpredictable. Building on this observation, we have developed an end to end system ActivPass and experimented with 70 users. With activity logs from Facebook, browsing history, call logs, and SMSs, the system achieves 95% success (authenticates legitimate users) and is compromised in 5:5% cases (authenticates impostors). While this level of security is obviously inadequate for serious authentication systems, certain practices such as password sharing can immediately be thwarted from the dynamic nature of passwords. With security improvements in the future, activity-based authentication could fill in for the inadequacies in today's password-based systems.

Original languageEnglish (US)
Title of host publicationCHI 2015 - Proceedings of the 33rd Annual CHI Conference on Human Factors in Computing Systems
Subtitle of host publicationCrossings
PublisherAssociation for Computing Machinery
Pages2325-2334
Number of pages10
ISBN (Electronic)9781450331456
DOIs
StatePublished - Apr 18 2015
Externally publishedYes
Event33rd Annual CHI Conference on Human Factors in Computing Systems, CHI 2015 - Seoul, Korea, Republic of
Duration: Apr 18 2015Apr 23 2015

Publication series

NameConference on Human Factors in Computing Systems - Proceedings
Volume2015-April

Other

Other33rd Annual CHI Conference on Human Factors in Computing Systems, CHI 2015
Country/TerritoryKorea, Republic of
CitySeoul
Period4/18/154/23/15

Keywords

  • Activity-based password
  • Outliers
  • Password sharing

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Computer Graphics and Computer-Aided Design

Fingerprint

Dive into the research topics of 'Activpass: Your daily activity is your password'. Together they form a unique fingerprint.

Cite this