Earphones-free Alternative for Shoulder Surfing Safe Login Method

Audio-based authentication methods are commonly more shoulder surfing resistant than purely visual-based methods. However, the user usually must have earphones to use them and they are usually slower than purely visual-based methods. Shoulder Surfing Safe Login (SSSL) is a comparably fast audio-based method. However, the requirement of earphones may impede usability and acceptance. In this work, we propose a modification to SSSL that do not require earphones, by having user-generated challenges. The proposed method has two versions, named Beta and Gamma. Beta and Gamma are like SSSL, but the differences are that Beta version is using a keyboard key to set the challenge, while Gamma version is using knock code. Both versions and the control, which is the SSSL method were implemented and evaluated. At the end of the experiments, the results showed that the Beta version is faster. The login time of the Beta version was 3 seconds on average compared to 8 seconds in the SSSL. Next, the Beta version had a lower error rate than the SSSL, where the number of unsuccessful logins for Beta was 7.69% from a total of 78 attempts from the 12 participants. Moreover, all participants selected the Beta version as preferable, over the SSSL method and Gamma version. The proposed method’s Beta version does not rely on earphones and is easy to use. From these results, we show that the proposed method could provide an alternative to audio challenges, which could have higher acceptance.