skip to main content
10.1145/3206505.3206546acmconferencesArticle/Chapter ViewAbstractPublication PagesaviConference Proceedingsconference-collections
short-paper

Does image grid visualization affect password strength and creation time in graphical authentication?

Published: 29 May 2018 Publication History

Abstract

Nowadays, technological advances introduce new visualization and user interaction possibilities. Focusing on the user authentication domain, graphical passwords are considered a better fit for interaction environments which lack a physical keyboard. Nonetheless, the current graphical user authentication schemes are deployed in conventional layouts, which introduce security vulnerabilities associated with the strength of the user selected passwords. Aiming to investigate the effectiveness of advanced visualization layouts in selecting stronger passwords, this paper reports a between-subject study, comparing two different design layouts a two-dimensional and a three dimensional. Results provide evidence that advanced visualization techniques provide a more suitable framework for deploying graphical user authentication schemes and underpin the need for considering such techniques for providing assistive and/or adaptive mechanisms to users aiming to assist them to create stronger graphical passwords.

References

[1]
Marios Belk, Christos Fidas, Panagiotis Germanakos, and George Samaras. 2017. The Interplay between Humans, Technology and User Authentication: A Cognitive Processing Perspective. Computers in Human Behavior 76 (2017), 184 -- 200.
[2]
Marios Belk, Andreas Pamboris, Christos Fidas, Christina Katsini, Nikolaos Avouris, and George Samaras. 2017. Sweet-spotting Security and Usability for Intelligent Graphical Authentication Mechanisms. In Proceedings of the International Conference on Web Intelligence (WI '17). ACM, New York, NY, USA, 252--259.
[3]
Sacha Brostoff and M. Angela Sasse. 2000. Are Passfaces More Usable Than Passwords? A Field Trial Investigation. In People and Computers XIV --- Usability or Else!, Sharon McDonald, Yvonne Waern, and Gilbert Cockton (Eds.). Springer London, London, 405--424.
[4]
Soumyadeb Chowdhury, Ron Poet, and Lewis Mackenzie. 2013. A Comprehensive Study of the Usability of Multiple Graphical Passwords. In Human-Computer Interaction - INTERACT 2013, Paula Kotzé, Gary Marsden, Gitte Lindgaard, Janet Wesson, and Marco Winckler (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 424--441.
[5]
Antonella De Angeli, Mike Coutts, Lynne Coventry, Graham I. Johnson, David Cameron, and Martin H. Fischer. 2002. VIP: A Visual Approach to User Authentication. In Proceedings of the Working Conference on Advanced Visual Interfaces (AVI '02). ACM, New York, NY, USA, 316--323.
[6]
Rachna Dhamija and Adrian Perrig. 2000. Deja Vu-A User Study: Using Images for Authentication. In USENIX Security Symposium, Vol. 9. 4--4.
[7]
Ahmet Emir Dirik, Nasir Memon, and Jean-Camille Birget. 2007. Modeling User Choice in the PassPoints Graphical Password Scheme. In Proceedings of the 3rd Symposium on Usable Privacy and Security (SOUPS '07). ACM, New York, NY, USA, 20--28.
[8]
Christina Katsini, Marios Belk, Christos Fidas, Nikolaos Avouris, and George Samaras. 2016. Security and Usability in Knowledge-based User Authentication: A Review. In Proceedings of the 20th Pan-Hellenic Conference on Informatics (PCI '16). ACM, New York, NY, USA, Article 63, 6 pages.
[9]
Christina Katsini, Christos Fidas, Marios Belk, Nikolaos Avouris, and George Samaras. 2017. Influences of Users' Cognitive Strategies on Graphical Password Composition. In Proceedings of the 2017 CHI Conference Extended Abstracts on Human Factors in Computing Systems (CHI EA '17). ACM, New York, NY, USA, 2698--2705.
[10]
Christina Katsini, Christos Fidas, George E. Raptis, Marios Belk, George Samaras, and Nikolaos Avouris. 2018. Eye Gaze-driven Prediction of Cognitive Differences During Graphical Password Composition. In 23rd International Conference on Intelligent User Interfaces (IUI '18). ACM, New York, NY, USA, 147--152.
[11]
Christina Katsini, Christos Fidas, George E. Raptis, Marios Belk, George Samaras, and Nikolaos Avouris. 2018. Influences of Human Cognition and Visual Behavior on Password Strength During Picture Password Composition. In Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems (CHI '18). ACM, New York, NY, USA, Article 87, 14 pages.
[12]
Christina Katsini, George E. Raptis, Christos Fidas, and Nikolaos Avouris. 2018. Towards Gaze-Based Quantification of the Security of Graphical Authentication Schemes. In Proceedings of the Tenth Biennial ACM Symposium on Eye Tracking Research & Applications (ETRA '18). ACM, New York, NY, USA.
[13]
William Melicher, Darya Kurilova, Sean M. Segreti, Pranshu Kalvani, Richard Shay, Blase Ur, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, and Michelle L. Mazurek. 2016. Usability and Security of Text Passwords on Mobile Devices. In Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems (CHI '16). ACM, New York, NY, USA, 527--539.
[14]
Martin Mihajlov and Borka Jerman-Blažič. 2011. On Designing Usable and Secure Recognition-based Graphical Authentication Mechanisms. Interacting with Computers 23, 6 (Nov 2011), 582--593.
[15]
Martin Mihajlov, Borka Jerman-Blažič, and Anita Ciunova Shuleska. 2016. Why That Picture? Discovering Password Properties in Recognition-Based Graphical Authentication. International Journal of Human-Computer Interaction 32, 12 (2016), 975--988.
[16]
Martin Mihajlov, Borka Jerman-Blažič, and Marko Ilievski. 2011. ImagePass - Designing Graphical Authentication for Security. In 7th International Conference on Next Generation Web Services Practices. 262--267.
[17]
George E. Raptis, Christos Fidas, and Nikolaos Avouris. 2018. Effects of Mixed-Reality on Players' Behaviour and Immersion in a Cultural Tourism Game: A Cognitive Processing Perspective. International Journal of Human-Computer Studies (2018).
[18]
George E. Raptis, Christina Katsini, Marios Belk, Christos Fidas, George Samaras, and Nikolaos Avouris. 2017. Using Eye Gaze Data and Visual Activities to Infer Human Cognitive Styles: Method and Feasibility Studies. In Proceedings of the 25th Conference on User Modeling, Adaptation and Personalization (UMAP '17). ACM, New York, NY, USA, 164--173.
[19]
Gary F. Templeton. 2011. A Two-step Approach for Transforming Continuous Variables to Normal: Implications and Recommendations for IS Research. CAIS 28, 1 (2011), 41--58. http://aisel.aisnet.org/cais/vol28/iss1/4
[20]
Julie Thorpe and Paul C. van Oorschot. 2007. Human-seeded Attacks and Exploiting Hot-spots in Graphical Passwords. In Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium (SS'07). USENIX Association, Berkeley, CA, USA, Article 8, 16 pages. http://dl.acm.org/citation.cfm?id=1362903.1362911
[21]
Sebastian Uellenbeck, Markus Dürmuth, Christopher Wolf, and Thorsten Holz. 2013. Quantifying the Security of Graphical Passwords: The Case of Android Unlock Patterns. In Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security (CCS '13). ACM, New York, NY, USA, 161--172.
[22]
Susan Wiedenbeck, Jim Waters, Jean-Camille Birget, Alex Brodskiy, and Nasir Memon. 2005. Authentication Using Graphical Passwords: Effects of Tolerance and Image Choice. In Proceedings of the 2005 Symposium on Usable Privacy and Security (SOUPS '05). ACM, New York, NY, USA, 1--12.

Cited By

View all
  • (2023)Systemic Literature Review of Recognition-Based Authentication Method Resistivity to Shoulder-Surfing AttacksApplied Sciences10.3390/app13181004013:18(10040)Online publication date: 6-Sep-2023
  • (2023)An Efficient Multifactor Authentication SystemComputational Intelligence in Pattern Recognition10.1007/978-981-99-3734-9_10(109-122)Online publication date: 27-Aug-2023
  • (2021)Pure Recall-Based Graphical User Authentication Schemes: Perspectives from a Closer LookProceedings of the 3rd African Human-Computer Interaction Conference: Inclusiveness and Empowerment10.1145/3448696.3448721(141-145)Online publication date: 8-Mar-2021
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
AVI '18: Proceedings of the 2018 International Conference on Advanced Visual Interfaces
May 2018
430 pages
ISBN:9781450356169
DOI:10.1145/3206505
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 29 May 2018

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. graphical password strength
  2. graphical passwords
  3. image grid
  4. recognition-based graphical authentication
  5. usable security

Qualifiers

  • Short-paper

Funding Sources

  • General Secretariat for Research and Technology (GSRT) and Hellenic Foundation for Research and Innovation (HFRI)

Conference

AVI '18
AVI '18: 2018 International Conference on Advanced Visual Interfaces
May 29 - June 1, 2018
Grosseto, Castiglione della Pescaia, Italy

Acceptance Rates

AVI '18 Paper Acceptance Rate 19 of 77 submissions, 25%;
Overall Acceptance Rate 128 of 490 submissions, 26%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)3
  • Downloads (Last 6 weeks)1
Reflects downloads up to 27 Jan 2025

Other Metrics

Citations

Cited By

View all
  • (2023)Systemic Literature Review of Recognition-Based Authentication Method Resistivity to Shoulder-Surfing AttacksApplied Sciences10.3390/app13181004013:18(10040)Online publication date: 6-Sep-2023
  • (2023)An Efficient Multifactor Authentication SystemComputational Intelligence in Pattern Recognition10.1007/978-981-99-3734-9_10(109-122)Online publication date: 27-Aug-2023
  • (2021)Pure Recall-Based Graphical User Authentication Schemes: Perspectives from a Closer LookProceedings of the 3rd African Human-Computer Interaction Conference: Inclusiveness and Empowerment10.1145/3448696.3448721(141-145)Online publication date: 8-Mar-2021
  • (2021)Fast and Secure Authentication in Virtual Reality Using Coordinated 3D Manipulation and PointingACM Transactions on Computer-Human Interaction10.1145/342812128:1(1-44)Online publication date: 20-Jan-2021
  • (2021)Better, Funner, Stronger: A Gameful Approach to Nudge People into Making Less Predictable Graphical Password ChoicesProceedings of the 2021 CHI Conference on Human Factors in Computing Systems10.1145/3411764.3445658(1-17)Online publication date: 6-May-2021
  • (2020)CogniPGA: Longitudinal Evaluation of Picture Gesture Authentication with Cognition-Based Interventioni-com10.1515/icom-2019-001118:3(237-257)Online publication date: 14-Jan-2020
  • (2020)RubikAuth: Fast and Secure Authentication in Virtual RealityExtended Abstracts of the 2020 CHI Conference on Human Factors in Computing Systems10.1145/3334480.3382827(1-9)Online publication date: 25-Apr-2020
  • (2019)LocPass: A Graphical Password Method to Prevent Shoulder-SurfingSymmetry10.3390/sym1110125211:10(1252)Online publication date: 8-Oct-2019

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media