Exploring the Guessability of Image Passwords
Pages 264 - 271
Abstract
This paper presents a user study with 70 participants using four different image types: Mikon; doodle; art; object, to examine guessability of image passwords to textual descriptions The study reported in this paper will examine, whether a written (textual) copy made by an account holder for recalling the target images forming a password in subsequent use, could be used for successful authentication by an attacker. The statistical test results of the study revealed that object images had the highest guessability, followed by the doodle images. The guessability of Mikon images was either equal to or slightly higher than the art images. The results also showed that the subjects described the elements in the target image, while making a written copy of their passwords for subsequent use, in the given experimental set-up. Based on the results obtained, we recommend the use of art images as passwords in image authentication.
References
[1]
Adams, A., and Sasse, M.A. Users are not the enemy. Communications of the ACM, (CACM 1999), pp. 40--46.
[2]
Florencio, D., and Herley, C. A large-scale study of web password habits. Proceedings of International Conference on World Wide Web (WWW 2007), pp. 657--666.
[3]
Nelson, L.D., and Reed, R. Picture Superiority Effect. Journal of Experimental Psychology: Human Learning and Memory, vol. 2, 1977, pp. 523--528.
[4]
Chowdhury, S., Poet, R., Mackenzie, L. A comprehensive study of the usability of multiple graphical passwords. In proc. In Proc. of Interact 2013, pp. 424--441.
[5]
Moncur, W., and LePlâtre, G. Pictures at the ATM - Exploring the usability of multiple graphic al passwords. In Proc. of CHI 2007, pp. 887--894.
[6]
Everitt, K.M., Bragin, T., Fogarty, J., and Kohno, T. A comprehensive study of frequency, interference, and training of multiple graphical passwords. In Proc. of CHI 2009, pp. 889--898.
[7]
Dunphy, P., Nicholson, J., and Oliver, P. Securing passfaces for description. In Proc. SOUPS 2008, pp. 24--35.
[8]
Chowdhury, S., Poet, R., and Mackenzie, L. Exploring the guessability of image passwords using verbal descriptions," In Proc. of Trust, Security and Privacy in Computing and Communications (TrustCom 2013), pp. 768--775.
[9]
Renaud, K. On user involvement in production of images used in visual authentication. Journal of Visual Languages and Computing, vol. 92, Feb. 2009, pp. 1--15.
[10]
Himmanen, S.A., Gentles, K., and Sailor, K. Rated familiarity, visual complexity and image agreement and their relation to naming difficulty for items from the Boston naming test. Journal of Clinical and Experimental Neuropsychology, vol. 25, 2003, pp. 1178--1185.
[11]
Montaldi, D., Spencer, T. J., Roberts, N., and Mayes, A. R. The neural systems that mediates familiarity memory." Hippocampus, vol. 16, 2006, pp. 504--520.
[12]
Szekely, A., and Bates, E. Objective visual complexity as a variable in picture naming. CRL Newsletter Center for Research in language, University of California 2000, pp. 3--33
[13]
Wolfe, J. M. Guided search: A revised model of visual search. Psychonomic Bulletin and Review, vol. 1, 1994, pp. 202--238.
[14]
Wolfe, J. M. Moving towards solution to some enduring controversies in visual search. Trends in Cognitive Science, vol. 7, 2003, pp. 70--77.
[15]
Gilchrist, I. D., and Harvey M. Refixation frequency and memory mechanisms in visual search. Current Biology, vol. 10, 2000. pp. 1209--1212.
[16]
Woodman, G.F., and Luck, S.J. Electrophysical measurement of rapid shifts of attention during visual search. Nature, vol. 400, 1999, pp. 867--869.
[17]
Greisdorf, H., and O'Connor, B. Modelling what users see when they look at images: a cognitive viewpoint. Journal of Documentation, vol. 58, 2002, pp. 6--29.
[18]
Renaud, K. Web authentication using Mikon images. World Congress on Privacy, Security, Trust and the management of E-Business 2009, pp. 1--10.
[19]
Biddle, R., Chiasson, S., and Oorschot, P. Van. Graphical passwords: Learning from the first twelve years. ACM Computing Surveys (CSUR) 44, 4 (2012), 1--43.
Index Terms
- Exploring the Guessability of Image Passwords
Recommendations
Exploring the Guessability of Image Passwords Using Verbal Descriptions
TRUSTCOM '13: Proceedings of the 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and CommunicationsOne claimed advantage of the image passwords used in recognition based graphical authentication systems (RBGSs) over text passwords is that they cannot be written down or verbally disclosed. However, there is no empirical evidence to support this claim. ...
Comments
Information & Contributors
Information
Published In
September 2014
518 pages
Copyright © 2014 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
In-Cooperation
- SIGSAC: ACM Special Interest Group on Security, Audit, and Control
- MNIT: Malaviya National Institute of Technology
- Aksaray Univ.: Aksaray University
- SICSA: The Scottish Informatics and Computer Science Alliance
- University of Glasgow: University of Glasgow
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 09 September 2014
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
SIN '14
SIN '14: The 7th International Conference on Security of Information and Networks
September 9 - 11, 2014
Scotland, Glasgow, UK
Acceptance Rates
SIN '14 Paper Acceptance Rate 32 of 109 submissions, 29%;
Overall Acceptance Rate 102 of 289 submissions, 35%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 85Total Downloads
- Downloads (Last 12 months)12
- Downloads (Last 6 weeks)0
Reflects downloads up to 12 Sep 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in