Thus, is best understood as a shape‑driven authentication philosophy —a contemporary, forward‑looking take on graphical passwords—rather than a single proprietary product.
While shape‑based authentication is far more resistant to shoulder surfing than text passwords, it is not impossible. A determined attacker with a hidden camera could record the user’s finger movements across the grid and, with enough observations (since the grid changes), potentially infer the shape. This is a much more difficult attack than simply watching someone type a password, but it remains a theoretical risk.
Assign each shape a unique letter, number, or symbol. Example mapping: Candid Shapes Password
Candid Shapes Password: A New Era in Intuitive Cybersecurity
| Text Password | Shapes Password | |---------------|----------------| | Easy to forget | Highly visual | | Vulnerable to keyloggers | Resists typing attacks | | Hard for some users (dyslexia, memory issues) | Accessible and intuitive | | Requires mixing cases/symbols | Can be combined with colors or positions | Thus, is best understood as a shape‑driven authentication
Aim for at least 12 to 14 characters . Length is often more effective than just adding a single symbol.
(Published primarily in the proceedings of the or related security symposiums like SOUPS ). This is a much more difficult attack than
implies honesty and simplicity—using shapes that are easily recognizable and personal to the user.
He mapped these to characters: L → [ (bracket looks like an L); Spiral → ~ (tilde looks like a coil); Bent line → V ; Circle → 0 ; X → * .
Do not look for obvious shapes. Look for imperfect or accidental shapes.