Windows 8 picture password
Windows 8 introduced an innovative way to login to your computer. Picture Password, the all new password management tool from Windows 8. All we need to do is to record some gesture on the picture and it will be saved as the password to login to the system. Generally it is easy to memorize the gesture compared to the complex passwords.
Even bruteforce attack can not crack this kind of gesture used for password. Microsoft says “Picture Password is a new way to help you protect your touchscreen PC”.
We can choose our own picture and create gestures for password. It is uniquely ours. Once the picture is selected, draw different combinations of circles, straight lines, taps. The size, position and the direction of your gestures become part of your picture password.
How it works
To set up your picture password, you then place your gestures on the field created. Individual points are defined by their coordinate (x,y) position on the grid. For the line, starting and ending coordinates are recorded, as well as the order in which they occur. The ordering information is used to determine the direction the line was drawn in. For the circle, a center point coordinate , the radius of the circle, and its directionality are recorded. For the tap,coordinate of the touch point is recorded.
When you attempt to sign in with Picture Password the gestures you provide is evaluated, and compared with the set to the gestures you used when you set up your picture password. Difference between each gesture and is analyzed and it is decided whether to authenticate you based on the amount of error in the set. If a gesture type is wrong—it should be a circle, but instead it’s a line—authentication will always fail. When the types, ordering, and directionality are all correct, it is determined at how far off each gesture was from the ones seen before, and decide if it’s close enough to authenticate you.
As an example, let’s take a look at the tap gesture. The tap is the least complex of the three gestures both in number of unique permutations and in the subsequent analysis. When considering whether the spot that you’ve tapped matches a reference spot, our scoring function compares the distance between the gesture you recorded as part of your picture password and the one that you just performed. The score decreases from 100% for a perfect match to 0% when sufficiently far away. Points match when the score is >= 90%. Here is a visual representation of the scoring function for a point in the immediate vicinity of a 100% match.