Memory retrieval and graphical passwords

Authors:
Elizabeth Stobert;Robert Biddle
Affiliations:
Carleton University, Ottawa, Canada;Carleton University, Ottawa, Canada
Venue:
Proceedings of the Ninth Symposium on Usable Privacy and Security
Year:
2013

Citing 11
Cited 0

PassPoints: design and longitudinal evaluation of a graphical password system

International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Is a picture really worth a thousand words? Exploring the feasibility of graphical authentication systems

International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
A large-scale study of web password habits

Proceedings of the 16th international conference on World Wide Web
On user choice in graphical password schemes

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
The design and analysis of graphical passwords

SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
On predictive models and user-drawn graphical passwords

ACM Transactions on Information and System Security (TISSEC)
Crowdsourcing user studies with Mechanical Turk

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
User interface design affects security: patterns in click-based graphical passwords

International Journal of Information Security
Where do security policies come from?

Proceedings of the Sixth Symposium on Usable Privacy and Security
Exploiting predictability in click-based graphical passwords

Journal of Computer Security
Graphical passwords: Learning from the first twelve years

ACM Computing Surveys (CSUR)

Quantified Score

Hi-index	0.00

Visualization

Abstract

Graphical passwords are an alternative form of authentication that use images for login, and leverage the picture superiority effect for good usability and memorability. Categories of graphical passwords have been distinguished on the basis of different kinds of memory retrieval (recall, cued-recall, and recognition). Psychological research suggests that leveraging recognition memory should be best, but this remains an open question in the password literature. This paper examines how different kinds of memory retrieval affect the memorability and usability of random assigned graphical passwords. A series of five studies of graphical and text passwords showed that participants were able to better remember recognition-based graphical passwords, but their usability was limited by slow login times. A graphical password scheme that leveraged recognition and recall memory was most successful at combining memorability and usability.