Graphical passwords are a novel method of knowledge-based authentication that shows promise for improved usability and memorability. This paper presents two studies that examined the effect of image type in cognometric, recognition-based graphical passwords. Specifically, the usability of such authentication schemes was explored at security levels equivalent to those acceptable for text passwords. Related psychological theory was drawn upon to consider the relative strength of visual memory, to distinguish recognition from recall, and for face recognition by humans. With image type as the independent variable, login success and login time were observed as the dependent variables. Results from both studies showed that participants in the object images condition performed equal to or better than those in the face images condition. Importantly, there was no evidence to support the claim that the use of face images in the authentication scheme would result in superior user performance. Copyright2011 ACM.

Additional Metadata
Keywords Authentication, Graphical passwords, Usable security
Persistent URL dx.doi.org/10.1145/2076732.2076754
Conference 27th Annual Computer Security Applications Conference, ACSAC 2011
Citation
Hlywa, M. (Max), Biddle, R, & Patrick, A.S. (Andrew S.). (2011). Facing the facts about image type in recognition-based graphical passwords. Presented at the 27th Annual Computer Security Applications Conference, ACSAC 2011. doi:10.1145/2076732.2076754