Abstract
Most existing authentication methods have a common problem, referred to as shoulder-surfing, in which authentication information is covertly obtained by peeking over the shoulder of a user as he/she completes the authentication sequence. In this paper, we propose a puzzle authentication method that is very simple and sufficiently secure, even when the authentication sequence is being leaked. We also implemented the proposed method on a mobile terminal and is evaluated through experiments and questionnaire surveys.
