Automated Attacks on Pass Point-Style Graphical Passwords
Users click on one point per image for a sequence of images, the next image is based on the previous click-point. Users preferred Cued Click Points (CCP) to Pass Points selecting and remembering only one point per image was easier, and that seeing each image triggered their memory of where the corresponding point was located. Purely automated attacks against Pass Points-style graphical passwords is introduced and evaluated. For generating these attacks, a graph-based algorithm is developed to efficiently create dictionaries based on heuristics such as click-order patterns (e.g., five points all along a line).