{"id":"https://openalex.org/W1481533960","doi":"https://doi.org/10.1007/978-3-642-13241-4_16","title":"Entropy of Graphical Passwords: Towards an Information-Theoretic Analysis of Face-Recognition Based Authentication","display_name":"Entropy of Graphical Passwords: Towards an Information-Theoretic Analysis of Face-Recognition Based Authentication","publication_year":2010,"publication_date":"2010-01-01","ids":{"openalex":"https://openalex.org/W1481533960","doi":"https://doi.org/10.1007/978-3-642-13241-4_16","mag":"1481533960"},"language":"en","primary_location":{"id":"doi:10.1007/978-3-642-13241-4_16","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-3-642-13241-4_16","pdf_url":"https://link.springer.com/content/pdf/10.1007/978-3-642-13241-4_16.pdf","source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://link.springer.com/content/pdf/10.1007/978-3-642-13241-4_16.pdf","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5026312652","display_name":"Stefan Ra\u00df","orcid":"https://orcid.org/0000-0003-2821-2489"},"institutions":[{"id":"https://openalex.org/I4210166741","display_name":"University of Klagenfurt","ror":"https://ror.org/05q9m0937","country_code":"AT","type":"education","lineage":["https://openalex.org/I4210166741"]}],"countries":["AT"],"is_corresponding":true,"raw_author_name":"Stefan Rass","raw_affiliation_strings":["Institute of Applied Informatics, System Security Group, Universitaet Klagenfurt, Universitaetsstrasse 65-67, 9020, Klagenfurt, Austria"],"affiliations":[{"raw_affiliation_string":"Institute of Applied Informatics, System Security Group, Universitaet Klagenfurt, Universitaetsstrasse 65-67, 9020, Klagenfurt, Austria","institution_ids":["https://openalex.org/I4210166741"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052178917","display_name":"Schuller David","orcid":null},"institutions":[{"id":"https://openalex.org/I132118926","display_name":"Austrian Institute of Technology","ror":"https://ror.org/04knbh022","country_code":"AT","type":"facility","lineage":["https://openalex.org/I132118926"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"David Schuller","raw_affiliation_strings":["Quantum Technologies, Department Safety & Security, AIT Austrian Institute of Technology GmbH, Lakeside B01A, 9020, Klagenfurt, Austria"],"affiliations":[{"raw_affiliation_string":"Quantum Technologies, Department Safety & Security, AIT Austrian Institute of Technology GmbH, Lakeside B01A, 9020, Klagenfurt, Austria","institution_ids":["https://openalex.org/I132118926"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5062293354","display_name":"Christian Kollmitzer","orcid":"https://orcid.org/0000-0001-6237-9827"},"institutions":[{"id":"https://openalex.org/I132118926","display_name":"Austrian Institute of Technology","ror":"https://ror.org/04knbh022","country_code":"AT","type":"facility","lineage":["https://openalex.org/I132118926"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Christian Kollmitzer","raw_affiliation_strings":["Quantum Technologies, Department Safety & Security, AIT Austrian Institute of Technology GmbH, Lakeside B01A, 9020, Klagenfurt, Austria"],"affiliations":[{"raw_affiliation_string":"Quantum Technologies, Department Safety & Security, AIT Austrian Institute of Technology GmbH, Lakeside B01A, 9020, Klagenfurt, Austria","institution_ids":["https://openalex.org/I132118926"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5026312652"],"corresponding_institution_ids":["https://openalex.org/I4210166741"],"apc_list":{"value":5000,"currency":"EUR","value_usd":5392},"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":4,"citation_normalized_percentile":{"value":0.10578873,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"166","last_page":"177"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10828","display_name":"Biometric Identification and Security","score":0.9524999856948853,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9521999955177307,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.8254497051239014},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7983354330062866},{"id":"https://openalex.org/keywords/alphanumeric","display_name":"Alphanumeric","score":0.6904773712158203},{"id":"https://openalex.org/keywords/entropy","display_name":"Entropy (arrow of time)","score":0.5691778659820557},{"id":"https://openalex.org/keywords/cognitive-password","display_name":"Cognitive password","score":0.5690639615058899},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.5665321946144104},{"id":"https://openalex.org/keywords/dictionary-attack","display_name":"Dictionary attack","score":0.44636085629463196},{"id":"https://openalex.org/keywords/s/key","display_name":"S/KEY","score":0.4236505925655365},{"id":"https://openalex.org/keywords/information-theory","display_name":"Information theory","score":0.42178255319595337},{"id":"https://openalex.org/keywords/facial-recognition-system","display_name":"Facial recognition system","score":0.4202057123184204},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4049561619758606},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.33849745988845825},{"id":"https://openalex.org/keywords/password-policy","display_name":"Password policy","score":0.33486998081207275},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.32395923137664795},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.24049440026283264},{"id":"https://openalex.org/keywords/one-time-password","display_name":"One-time password","score":0.16664177179336548},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.10985448956489563}],"concepts":[{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.8254497051239014},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7983354330062866},{"id":"https://openalex.org/C2781003394","wikidata":"https://www.wikidata.org/wiki/Q737372","display_name":"Alphanumeric","level":2,"score":0.6904773712158203},{"id":"https://openalex.org/C106301342","wikidata":"https://www.wikidata.org/wiki/Q4117933","display_name":"Entropy (arrow of time)","level":2,"score":0.5691778659820557},{"id":"https://openalex.org/C23875713","wikidata":"https://www.wikidata.org/wiki/Q5141232","display_name":"Cognitive password","level":5,"score":0.5690639615058899},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.5665321946144104},{"id":"https://openalex.org/C113328881","wikidata":"https://www.wikidata.org/wiki/Q599809","display_name":"Dictionary attack","level":3,"score":0.44636085629463196},{"id":"https://openalex.org/C4957475","wikidata":"https://www.wikidata.org/wiki/Q242186","display_name":"S/KEY","level":3,"score":0.4236505925655365},{"id":"https://openalex.org/C52622258","wikidata":"https://www.wikidata.org/wiki/Q131222","display_name":"Information theory","level":2,"score":0.42178255319595337},{"id":"https://openalex.org/C31510193","wikidata":"https://www.wikidata.org/wiki/Q1192553","display_name":"Facial recognition system","level":3,"score":0.4202057123184204},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4049561619758606},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.33849745988845825},{"id":"https://openalex.org/C98705547","wikidata":"https://www.wikidata.org/wiki/Q3394687","display_name":"Password policy","level":4,"score":0.33486998081207275},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.32395923137664795},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.24049440026283264},{"id":"https://openalex.org/C89479133","wikidata":"https://www.wikidata.org/wiki/Q1137840","display_name":"One-time password","level":3,"score":0.16664177179336548},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.10985448956489563},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1007/978-3-642-13241-4_16","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-3-642-13241-4_16","pdf_url":"https://link.springer.com/content/pdf/10.1007/978-3-642-13241-4_16.pdf","source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"},{"id":"pmh:oai:HAL:hal-01056381v1","is_oa":true,"landing_page_url":"https://inria.hal.science/hal-01056381","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"11th IFIP TC 6/TC 11 International Conference on Communications and Multimedia Security (CMS), May 2010, Linz, Austria. pp.166-177, &#x27E8;10.1007/978-3-642-13241-4_16&#x27E9;","raw_type":"Conference papers"}],"best_oa_location":{"id":"doi:10.1007/978-3-642-13241-4_16","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-3-642-13241-4_16","pdf_url":"https://link.springer.com/content/pdf/10.1007/978-3-642-13241-4_16.pdf","source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"},"sustainable_development_goals":[{"score":0.550000011920929,"id":"https://metadata.un.org/sdg/4","display_name":"Quality Education"}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W1481533960.pdf","grobid_xml":"https://content.openalex.org/works/W1481533960.grobid-xml"},"referenced_works_count":18,"referenced_works":["https://openalex.org/W128619364","https://openalex.org/W135685467","https://openalex.org/W178526229","https://openalex.org/W1485033854","https://openalex.org/W1487718662","https://openalex.org/W1593516803","https://openalex.org/W1899068036","https://openalex.org/W1921097329","https://openalex.org/W1995875735","https://openalex.org/W2101898850","https://openalex.org/W2111465783","https://openalex.org/W2116371103","https://openalex.org/W2119247659","https://openalex.org/W2129552973","https://openalex.org/W2161032904","https://openalex.org/W2172089374","https://openalex.org/W2276896194","https://openalex.org/W2344562577"],"related_works":["https://openalex.org/W2596869006","https://openalex.org/W2896976260","https://openalex.org/W4239831152","https://openalex.org/W3168737809","https://openalex.org/W2159224061","https://openalex.org/W2597260025","https://openalex.org/W4321600778","https://openalex.org/W3131491961","https://openalex.org/W2804831377","https://openalex.org/W2186575281"],"abstract_inverted_index":{"We":[0],"present":[1],"an":[2,34],"information-theoretic":[3],"discussion":[4],"of":[5,30,53,85,93,108,122,134],"authentication":[6,22,27,89,135,143],"via":[7],"graphical":[8,59,101],"passwords,":[9,60],"and":[10,61],"devise":[11],"a":[12,74,79,86],"model":[13],"for":[14],"entropy":[15,84],"estimation.":[16],"Our":[17],"results":[18,105],"make":[19],"face-recognition":[20,87,137],"based":[21,88],"comparable":[23],"to":[24,82],"standard":[25],"password":[26],"in":[28,39,90],"terms":[29],"uncertainty":[31],"(Shannon-entropy)":[32],"that":[33,46,68,111,138],"adversary":[35],"is":[36,43],"confronted":[37],"with":[38],"both":[40],"situations.":[41],"It":[42],"widely":[44],"known":[45],"cognitive":[47],"abilities":[48],"strongly":[49],"determine":[50],"the":[51,70,83,91,116,132,142],"choice":[52],"alphanumeric":[54],"passwords":[55],"as":[56,58],"well":[57],"we":[62,77,126],"discuss":[63],"various":[64],"selected":[65],"psychological":[66],"aspects":[67],"influence":[69],"selection":[71],"process.":[72],"As":[73],"central":[75],"result,":[76],"obtain":[78,127],"theoretical":[80],"limit":[81],"light":[92],"some":[94],"social":[95,123],"engineering":[96],"techniques":[97],"(dictionary":[98],"attacks":[99],"on":[100,131,141],"passwords).":[102],"Remarkably,":[103],"our":[104],"hold":[106],"independently":[107],"any":[109],"information":[110],"can":[112],"be":[113],"obtained":[114],"from":[115],"internet":[117],"or":[118],"through":[119,136],"other":[120],"forms":[121],"engineering.":[124],"Thus,":[125],"very":[128],"general":[129],"bounds":[130],"quality":[133],"solely":[139],"depend":[140],"mechanism.":[144]},"counts_by_year":[{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2016,"cited_by_count":1}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}