The impact of cues and user interaction on the memorability of system-assigned recognition-based graphical passwords

Mahdi Nasrullah Al-Ameen, Kanis Fatema, Matthew Wright, Shannon Scielzo

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Scopus citations

Abstract

User-chosen passwords reflecting common strategies and patterns ease memorization, but offer uncertain and often weak security. System-assigned passwords provide higher security, and thus in commercially deployed graphical-password systems (e.g., Passfaces), images are randomly assigned by the system. It is difficult, however, for many users to remember system-assigned passwords. We argue that this is because existing password schemes do not fully leverage humans' cognitive strengths, and we thus examine techniques to enhance password memorability that incorporate scientific understanding of long-term memory. In our study, we examine the efficacy of spatial cues (fixed position of images), verbal cues (phrases/facts related to the images), and employing user interaction (learning images through writing a short description at registration) to improve the memorability of passwords based on face images and object images. We conducted a multi-session in-lab user study with 56 participants, where each participant was assigned seven different graphical passwords, each representing one study condition. One week after registration, participants had a 98% login success rate for a scheme offering spatial and verbal cues, while the scheme based on user interaction had a 95% login success rate for face images and a 93% login success rate for object images. All of these were significantly higher than the control conditions representing existing graphical password schemes. These findings contribute to our understanding of the impact of cues and user interaction on graphical passwords, and they show a promising direction for future research to gain high memorability for system-assigned random passwords.

Original languageEnglish (US)
Title of host publicationSOUPS 2015 - Proceedings of the 11th Symposium on Usable Privacy and Security
PublisherUSENIX Association
Pages185-196
Number of pages12
ISBN (Electronic)9781931971249
StatePublished - 2019
Externally publishedYes
Event11th Symposium on Usable Privacy and Security, SOUPS 2015 - Ottawa, Canada
Duration: Jul 22 2015Jul 24 2015

Publication series

NameSOUPS 2015 - Proceedings of the 11th Symposium on Usable Privacy and Security

Conference

Conference11th Symposium on Usable Privacy and Security, SOUPS 2015
CountryCanada
CityOttawa
Period7/22/157/24/15

Keywords

  • Cued-recognition
  • Memorability
  • System-assigned graphical password
  • User interaction

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality

Fingerprint Dive into the research topics of 'The impact of cues and user interaction on the memorability of system-assigned recognition-based graphical passwords'. Together they form a unique fingerprint.

Cite this