A structural model of end user computing satisfaction and user performance
Information and Management
Users' conceptions of risks and harms on the web: a comparative study
CHI '02 Extended Abstracts on Human Factors in Computing Systems
Safe and sound: a safety-critical approach to security
Proceedings of the 2001 workshop on New security paradigms
Communications of the ACM - How the virtual inspires the real
User interface requirements for authentication of communication
AUIC '03 Proceedings of the Fourth Australasian user interface conference on User interfaces 2003 - Volume 18
Authentication using graphical passwords: effects of tolerance and image choice
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
IEEE Security and Privacy
PassPoints: design and longitudinal evaluation of a graphical password system
International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Déjà Vu: a user study using images for authentication
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Graphical dictionaries and the memorable space of graphical passwords
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
On user choice in graphical password schemes
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
The design and analysis of graphical passwords
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Modeling user choice in the PassPoints graphical password scheme
Proceedings of the 3rd symposium on Usable privacy and security
Do background images improve "draw a secret" graphical passwords?
Proceedings of the 14th ACM conference on Computer and communications security
Human-seeded attacks and exploiting hot-spots in graphical passwords
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Use Your Illusion: secure authentication usable anywhere
Proceedings of the 4th symposium on Usable privacy and security
Email-Based Identification and Authentication: An Alternative to PKI?
IEEE Security and Privacy
YAGP: Yet Another Graphical Password Strategy
ACSAC '08 Proceedings of the 2008 Annual Computer Security Applications Conference
Grown Up Digital: How the Net Generation is Changing Your World HC
Grown Up Digital: How the Net Generation is Changing Your World HC
A comprehensive study of frequency, interference, and training of multiple graphical passwords
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Guidelines for designing graphical authentication mechanism interfaces
International Journal of Information and Computer Security
User interface design affects security: patterns in click-based graphical passwords
International Journal of Information Security
A closer look at recognition-based graphical passwords on mobile devices
Proceedings of the Sixth Symposium on Usable Privacy and Security
Exploring usability effects of increasing security in click-based graphical passwords
Proceedings of the 26th Annual Computer Security Applications Conference
Quantifying the quality of web authentication mechanisms: a usability perspective
Journal of Web Engineering
Graphical passwords: Learning from the first twelve years
ACM Computing Surveys (CSUR)
ACM Transactions on Accessible Computing (TACCESS)
| Hi-index | 0.00 |
In this article we present the development of a new, web-based, graphical authentication mechanism called ImagePass. The authentication mechanism introduces a novel feature based on one-time passwords that increases the security of the system without compromising its usability. Regarding usability, we explore the users' perception of recognition-based, graphical authentication mechanisms in a web environment. Specifically, we investigate whether the memorability of recognition-based authentication keys is influenced by image content. We also examine how the frequency of use affects the usability of the system and whether user training via mnemonic instructions improves the graphical password recognition rate. The design and development process of the proposed system began with a study that assessed how the users remember abstract, face or single-object images, and showed that single-object images have a higher memorability rate. We then proceeded with the design and development of a recognition-based graphical authentication mechanism, ImagePass, which uses single-objects as the image content and follows usable security guidelines. To conclude the research, in a follow-up study we evaluated the performance of 151 participants under different conditions. We discovered that the frequency of use had a great impact on users' performance, while the users' gender had a limited task-specific effect. In contrast, user training through mnemonic instructions showed no differences in the users' authentication metrics. However, a post-study, focus-group analysis revealed that these instructions greatly influenced the users' perception for memorability and the usability of the graphical authentication. In general, the results of these studies suggest that single-object graphical authentication can be a complementary replacement for traditional passwords, especially in ubiquitous environments and mobile devices.