Browse Prior Art Database

System and Method of Password Entry Using Two Thumbs

IP.com Disclosure Number: IPCOM000131902D
Publication Date: 2005-Nov-21
Document File: 2 page(s) / 23K

Publishing Venue

The IP.com Prior Art Database

Abstract

The existing device-password-entering model for the handhelds, specially those with reduced keypad mobile handheld makes it easy for “shoulder surfing” – standing or sitting b besides or behind a person to detect the password as the owner enters it. For the reduced keypad handhelds, even though the password digits are shown for a short period of time, they are still visible and detectable by others.

This text was extracted from a Microsoft Word document.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 52% of the total text.

TWO-THUMB PASSWORD ENTRY

System and Method of Password Entry Using Two Thumbs

Disclosed Anonymously

The existing device-password-entering model for the handhelds, specially those with reduced keypad mobile handheld makes it easy for “shoulder surfing” – standing or sitting b besides or behind a person to detect the password as the owner enters it.  For the reduced keypad handhelds, even though the password digits are shown for a short period of time, they are still visible and detectable by others.

When the user uses only one thumb/finger for typing the password, it is even easier to discover the password by following one thumb/finger (perhaps by remotely filming the user).  These effects are more apparent in lecture halls where each chair is mounted on a higher level than the chair in front of it. So any user has 3 or 4 persons behind him/her that are very easily capable of discovering the password as it is typed in.

As we plan to force the users to type in the password after 30 minutes of no activity, we, simultaneously, force careless users to unveil their passwords (especially in places like those lecture halls mentioned above).  What makes this even scarier is that some users choose to use a common or similar password for their handheld as their credit card password, etc.

For devices like smart-card readers, where the user needs to pair his handheld with the smart-card reader for security reasons, it is very important to make sure that no one can discover the device password as it is typed in.

A Two-Thumb-Password-Entry model can address the problems mentioned. The main goal for this method is to avoid showing the password digits on the LCD (even for a short period of time as it is today), and to force the user to use two thumbs/fingers as he/she enters the password. These two goals make it difficult for even a shoulder surfer to discover the password as the owner enters i...