Beyond Interaction Design: Beyond Human-Computer Interaction
Beyond Interaction Design: Beyond Human-Computer Interaction
Using personal photos as pictorial passwords
CHI '05 Extended Abstracts on Human Factors in Computing Systems
Authentication using graphical passwords: effects of tolerance and image choice
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Déjà Vu: a user study using images for authentication
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
QoS-T: QoS throttling to elicit user cooperation in computer systems
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
On the usability of user interfaces for secure website authentication in browsers
EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
| Hi-index | 0.01 |
To gain access to computer systems, users are required to be authenticated. This is usually accomplished by having the user enter an alphanumeric username and password. Users are usually required to remember multiple passwords for different systems and this poses such problems as usability, memorabilty and secuurity. Passwords are usually difficult to remember and users have developed their own methods some of which are not secure of selecting passwords which are easy to remember. In this research we developed a secure and usable password system which addresses the memorability problem. In our system users are required to remember three cartoon images which we demonstrate is easier to recall than a typical secure text password. This system is shown to be secure based on the probability of guessing a password and on the likelihood of an observer "shoulder surfing" the password and on the difficulty of launching a brute force attack against a graphical image system. Our work demonstrates that security and usability can be achieved simultaneously. It lays the foundation for developing a class of similar password systems, differing only in the degree of security required. Our password system with its low memory requirements can be used in a wide array of applications.