Ubicomp devices, such as smart phones and smart watches, allow sensitive information to be accessed anytime, anywhere. Such information include personal information on the devices themselves (personal images, tracking data, etc.) but also information that is stored in the cloud. The ever-increasing number of technologies create both opportunities and challenges: personal, and in particular wearable devices, allow data to be collected and accessed in novel contexts, thus providing the user with valuable, context-based services of information on his well-being. In contrast, new sensing technologies, including but not limited to eye trackers and thermal cameras, also enable novel forms of attacking authentication mechanisms meant to protect such data.

At the same time, the way we interact with ubicomp devices is constantly changing. While until the advent of the PC and the Internet authentication mechanisms based on login and password were used to protect only very few devices, such as the user’s workstation, as well as to authenticate a few times per day (in the morning, after lunch, after the coffee break), the way we interact with technology today is considerably different and likely to further change in the future. Today, users protect data accessible through on average 80 online accounts with on average 20 passwords. Considering the smartphone alone, users authenticate more than 200 times per day. This creates a need to fundamentally rethink how we design for security in general and for authentication in particular. On one hand, there is a need to design mechanisms that better blend with the user’s daily activities (usability). On the other hand, authentication mechanisms need to be able and cope with threats that arise from the advent of new sensing technologies (security).


alt2016mum.jpg Florian Alt, Mateusz Mikusz, Stefan Schneegass and Andreas Bulling. Memorability of Cued-recall Graphical Passwords with Saliency Masks. In Proceedings of the 15th International Conference on Mobile and Ubiquitous Multimedia. MUM '16. ACM, New York, NY, USA. [Download Bibtex]
buschek2016chi1.jpg Daniel Buschek, Fabian Hartmann, Emanuel von Zezschwitz, Alexander De Luca and Florian Alt. SnapApp: Reducing Authentication Overhead with a Time-Constrained Fast Unlock Option. In Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems. CHI '16. ACM, New York, NY, USA. [Download Bibtex]
alt2015mobilehci.jpg Florian Alt, Stefan Schneegass, Alireza Sahami Shirazi, Mariam Hassib and Andreas Bulling. Graphical Passwords in the Wild: Understanding How Users Choose Pictures and Passwords in Image-based Authentication Schemes. In Proceedings of the 17th International Conference on Human-Computer Interaction with Mobile Devices and Services. MobileHCI '15. ACM, New York, NY, USA. [Download Bibtex]
schneegass2014ubicomp.jpg Stefan Schneegass, Frank Steimle, Andreas Bulling, Florian Alt and Albrecht Schmidt. SmudgeSafe: Geometric Image Transformations for Smudge-resistant User Authentication. In Proceedings of the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing. UbiComp '14. ACM, New York, NY, USA. [Download Bibtex]
bulling2012chi.jpg Andreas Bulling, Florian Alt and Albrecht Schmidt. Increasing The Security Of Gaze-Based Cued-Recall Graphical Passwords Using Saliency Masks. In Proceedings of the 2012 ACM Annual Conference on Human Factors in Computing Systems. CHI'12. ACM, New York, NY, USA. [Download Bibtex]