We propose and examine the usability and security of Cued Click Points (CCP), a cued-recall graphical password technique. Users click on one point per image for a sequence of images. The next image is based on the previous click-point. We present the results of an initial user study which revealed positive results. Performance was very good in terms of speed, accuracy, and number of errors. Users preferred CCP to PassPoints (Wiedenbeck et al., 2005), saying that selecting and remembering only one point per image was easier, and that seeing each image triggered their memory of where the corresponding point was located. We also suggest that CCP provides greater security than PassPoints because the number of images increases the workload for attackers.

, , , ,
Springer, Berlin, Heidelberg
European Symposium on Research in Computer Security
School of Computer Science

Chiasson, S, Van Oorschot, P, & Biddle, R. (2007). Graphical password authentication using cued click points. Presented at the European Symposium on Research in Computer Security, Springer, Berlin, Heidelberg.