short-paper

“I Recall this Picture”: Understanding Picture Password Selections based on Users’ Sociocultural Experiences

Authors:

Argyris Constantinides,

Christos Fidas,

Andreas PitsillidesAuthors Info & Claims

WI '19: IEEE/WIC/ACM International Conference on Web Intelligence

Pages 408 - 412

https://doi.org/10.1145/3350546.3352557

Published: 14 October 2019 Publication History

Abstract

Graphical passwords leverage the picture superiority effect to enhance memorability, and reflect today's haptic user interaction realms. Image content related to users’ past sociocultural experiences assists users with the creation of more secure and memorable passwords. Aiming to shed light on the effects of sociocultural-related image content towards graphical password selections, we conducted a between-subjects eye-tracking study (N=37) in which users selected one image among a set of images from their assigned image group (sociocultural-related vs. generic) that would be used for creating their graphical password. Results revealed differences in users’ interaction and visual behavior during image selection. Initial users’ feedback regarding the likeability and users’ engagement with the sociocultural-related image content is also presented.

References

[1]

Hsin-Yi Chiang and Sonia Chiasson. 2013. Improving user authentication on mobile devices: a touchscreen graphical password. In Proceedings of the 15th international conference on Human-computer interaction with mobile devices and services (MobileHCI ’13). ACM, New York, NY, USA, 251-260.

Digital Library

[2]

Emanuel von Zezschwitz, Paul Dunphy, and Alexander De Luca. 2013. Patterns in the wild: a field study of the usability of pattern and pin-based authentication on mobile devices. In Proceedings of the 15th international conference on Human-computer interaction with mobile devices and services (MobileHCI ’13). ACM, New York, NY, USA, 261-270.

Digital Library

[3]

Paul Dunphy, Andreas P. Heiner, and N. Asokan. 2010. A closer look at recognition-based graphical passwords on mobile devices. In Proceedings of the Sixth Symposium on Usable Privacy and Security (SOUPS ’10). ACM, New York, NY, USA, Article 3, 12 pages.

Digital Library

[4]

Robert Biddle, Sonia Chiasson, and P.C. Van Oorschot. 2012. Graphical passwords: Learning from the first twelve years. ACM Computing Surveys, 44 (4), 19, 41 pages.

Digital Library

[5]

Paul C. van Oorschot and Julie Thorpe. 2011. Exploiting predictability in click-based graphical passwords. Journal of Computer Security, 19 (4), 669-702.

[6]

Julie Thorpe, and Paul C. van Oorschot. 2007. Human-seeded attacks and exploiting hot-spots in graphical passwords. In Proceedings of the 16th USENIX Security Symposium (SS ’07). USENIX Association, Berkeley, CA, USA, Article 8, 16 pages.

Digital Library

[7]

Andreas Bulling, Florian Alt, and Albrecht Schmidt. 2012. Increasing the security of gaze-based cued-recall graphical passwords using saliency masks. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI ’12). ACM, New York, NY, USA, 3011-3020.

Digital Library

[8]

Florian Alt, Stefan Schneegass, Alireza Sahami Shirazi, Mariam Hassib, and Andreas Bulling. 2015. Graphical Passwords in the Wild: Understanding How Users Choose Pictures and Passwords in Image-based Authentication Schemes. In Proceedings of the 17th International Conference on Human-Computer Interaction with Mobile Devices and Services (MobileHCI ’15). ACM, New York, NY, USA, 316-322.

Digital Library

[9]

Paul C. van Oorschot, Amirali Salehi-Abari, and Julie Thorpe. 2010. Purely Automated Attacks on PassPoints-Style Graphical Passwords. In IEEE Transactions on Information Forensics and Security 5(3), 393-405.

Digital Library

[10]

Sonia Chiasson, Paul C. Van Oorschot, and Robert Biddle. 2007. Graphical password authentication using cued click points. In Proceedings of the 12th European conference on Research in Computer Security (ESORICS ’07). Springer-Verlag, Berlin, Heidelberg, Germany, 359-374.

Digital Library

[11]

Sonia Chiasson, Alain Forget, Robert Biddle, and Paul C. van Oorschot. 2008. Influencing users towards better passwords: persuasive cued click-points. In Proceedings of the 22nd British HCI Group Annual Conference on People and Computers: Culture, Creativity, Interaction-Volume 1 (BCS-HCI ’08). BCS Learning & Development Ltd., Swindon, UK, 121-130.

[12]

Thomas S. Tullis and Donna P. Tedesco. 2005. Using personal photos as pictorial passwords. In CHI'05 Extended Abstracts on Human Factors in Computing Systems (CHI EA ’05). ACM Press, New York, NY, USA, 1841-1844.

Digital Library

[13]

Susan Wiedenbeck, Jim Waters, Jean-Camille Birget, Alex Brodskiy, and Nasir Memon. 2005. Authentication using graphical passwords: effects of tolerance and image choice. In Proceedings of the 2005 symposium on Usable privacy and security (SOUPS ’05). ACM, New York, NY, USA, 1-12.

Digital Library

[14]

Florian Schaub, Marcel Walch, Bastian Könings, and Michael Weber. 2013. Exploring the design space of graphical passwords on smartphones. In Proceedings of the Ninth Symposium on Usable Privacy and Security (SOUPS ’13). ACM, New York, NY, USA, Article 11, 14 pages.

Digital Library

[15]

Steven Furnell. 2005. Why users cannot use security. Computers and Security, 24 (4), 274-279.

Digital Library

[16]

Shane Ahern, Dean Eckles, Nathaniel S. Good, Simon King, Mor Naaman, and Rahul Nair. 2007. Over-exposed?: privacy patterns and considerations in online and mobile photo sharing. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI ’07). ACM Press, New York, NY, USA, 357-366.

Digital Library

[17]

Ülkü Arslan Aydın, Cengiz Acartürk, and Kürşat Çağıltay. 2013. The Role of Visual Coherence in Graphical Passwords. In Proceedings of the Annual Meeting of the Cognitive Science Society, 35. Retrieved from https://escholarship.org/uc/item/8kc3g1z3

[18]

Aljahdali, Hani Moaiteq, and Ron Poet. 2013. "The affect of familiarity on the usability of recognition-based graphical passwords: Cross cultural study between saudi arabia and the united kingdom."2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications. IEEE.

Digital Library

[19]

Ziming Zhao, Gail-Joon Ahn, Jeongjin Seo, and Hongxin Hu. 2013. On the security of picture gesture authentication. In Proceedings of the 22nd USENIX Security Symposium. USENIX Association, 383–398.

[20]

Christina Katsini, Christos Fidas, George E. Raptis, Marios Belk, George Samaras, and Nikolaos Avouris. 2018. Influences of Human Cognition and Visual Behavior on Password Strength during Picture Password Composition. In Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems (CHI ’18). ACM Press, New York, NY, USA, Paper 87, 14 pages.

Digital Library

[21]

Argyris Constantinides, Marios Belk, Christos Fidas, and George Samaras. 2018. On Cultural-centered Graphical Passwords: Leveraging on Users' Cultural Experiences for Improving Password Memorability. In Proceedings of the 26th Conference on User Modeling, Adaptation and Personalization (UMAP ’18). ACM, New York, NY, USA, 245-249.

Digital Library

[22]

Argyris Constantinides, Christos Fidas, Marios Belk, and George Samaras. 2018. On sociocultural-centered graphical passwords: an initial framework. In Proceedings of the 20th International Conference on Human-Computer Interaction with Mobile Devices and Services Adjunct (MobileHCI ’18). ACM, New York, NY, USA, 277-284.

Digital Library

[23]

Argyris Constantinides, Marios Belk, Christos Fidas, and Andreas Pitsillides. 2019. On the Accuracy of Eye Gaze-driven Classifiers for Predicting Image Content Familiarity in Graphical Passwords. In Proceedings of the 27th ACM Conference on User Modeling, Adaptation and Personalization (UMAP ’19). ACM, New York, NY, USA, 201-205.

Digital Library

[24]

Jeffrey Jay Johnson, Steve Seixeiro, Zachary Pace, Giles van der Bogert, Sean Gilmour, Levi Siebens, and Kenneth Tubbs. 2014. Picture Gesture Authentication. Retrieved from https://www.google.com/patents/US8910253

[25]

Paul Dunphy and Jeff Yan. 2007. Do background images improve "draw a secret" graphical passwords?. In Proceedings of the 14th ACM conference on Computer and communications security (CCS ’07). ACM, New York, NY, USA, 36-47.

Digital Library

[26]

Ziming Zhao, Gail-Joon Ahn, and Hongxin Hu. 2015. Picture Gesture Authentication: Empirical Analysis, Automated Attacks, and Scheme Evaluation. ACM Trans. Inf. Syst. Secur. 17, 4, Article 14, 37 pages.

Digital Library

[27]

Federico Perazzi, Philipp Krähenbühl, Yael Pritch, and Alexander Hornung. 2012. Saliency filters: Contrast based filtering for salient region detection. 2012 IEEE Conference on Computer Vision and Pattern Recognition (CVPR ’12). IEEE, Providence, RI, USA, 733-740.

[28]

Maurizio Cardaci, Vito Di Gesù, Maria Petrou, and Marco Elio Tabacchi. 2009. A fuzzy approach to the evaluation of image complexity. Fuzzy Sets and Systems, 160 (10), 1474-1484.

[29]

GP3 Eye Tracker. 2018. [Online] Available at: https://www.gazept.com/

[30]

Endel Tulving. 1972. Episodic and semantic memory. In E. Tulving & W. Donaldson (Eds.), Organization of memory. New York: Academic Press, 1972.

[31]

Krzysztof Krejtz, Andrew Duchowski, Tomasz Szmidt, Izabela Krejtz, Fernando González Perilli, Ana Pires, Anna Vilaro, and Natalia Villalobos. 2015. Gaze Transition Entropy. ACM Trans. Appl. Percept. 13, 1, Article 4, 20 pages.

Digital Library

[32]

George E. Raptis, Christos A. Fidas, and Nikolaos M. Avouris. 2016. Using Eye Tracking to Identify Cognitive Differences: A Brief Literature Review. In Proceedings of the 20th Pan-Hellenic Conference on Informatics (PCI '16). ACM, New York, NY, USA, Article 21, 6 pages.

[33]

Christina Katsini, Christos Fidas, George E. Raptis, Marios Belk, George Samaras, and Nikolaos Avouris. 2018. Eye Gaze-driven Prediction of Cognitive Differences during Graphical Password Composition. In 23rd International Conference on Intelligent User Interfaces (IUI ’18). ACM, New York, NY, USA, 147-152.

Digital Library

[34]

Marios Belk, Andreas Pamboris, Christos Fidas, Christina Katsini, Nikolaos Avouris, and George Samaras. 2017. Sweet-spotting security and usability for intelligent graphical authentication mechanisms. In Proceedings of the International Conference on Web Intelligence (WI ’17). ACM, New York, NY, USA, 252-259.

Digital Library

[35]

Yao Ma, Jinjuan Feng, Libby Kumin, and Jonathan Lazar. 2013. Investigating User Behavior for Authentication Methods: A Comparison between Individuals with Down Syndrome and Neurotypical Users. ACM Trans. Access. Comput. 4, 4, Article 15, 27 pages.

Digital Library

[36]

Marios Belk, Christos Fidas, Panagiotis Germanakos, and George Samaras. 2017. The interplay between humans, technology and user authentication. Comput. Hum. Behav. 76, C, 184-200.

Digital Library

[37]

Marios Belk, Panagiotis Germanakos, Christos Fidas, and George Samaras. 2014. A personalization method based on human factors for improving usability of user authentication tasks. User Modeling, Adaptation, and Personalization (UMAP 2014), Springer-Verlag, 13-24

Cited By

Chan GBanire BAtaguba GFrempong GOrji R(2024)A Panoramic View of Socio-Cultural Sensitivity in Digital Technologies: A Comprehensive Review and Future DirectionsInternational Journal of Human–Computer Interaction10.1080/10447318.2024.2372135(1-29)Online publication date: 11-Jul-2024
https://doi.org/10.1080/10447318.2024.2372135
Constantinides CConstantinides ABelk MFidas CPitsillides A(2021)A Comparative Study among Different Computer Vision Algorithms for Assisting Users in Picture Password CompositionAdjunct Proceedings of the 29th ACM Conference on User Modeling, Adaptation and Personalization10.1145/3450614.3464474(357-362)Online publication date: 21-Jun-2021
https://dl.acm.org/doi/10.1145/3450614.3464474
Constantinides ABelk MFidas CPitsillides A(2021)Understanding Insider Attacks in Personalized Picture Password SchemesHuman-Computer Interaction – INTERACT 202110.1007/978-3-030-85610-6_42(722-731)Online publication date: 30-Aug-2021
https://dl.acm.org/doi/10.1007/978-3-030-85610-6_42
Show More Cited By

Index Terms

“I Recall this Picture”: Understanding Picture Password Selections based on Users’ Sociocultural Experiences
1. Human-centered computing
  1. Human computer interaction (HCI)
2. Security and privacy
  1. Security services
    1. Authentication

Index terms have been assigned to the content through auto-classification.

Recommendations

On the Accuracy of Eye Gaze-driven Classifiers for Predicting Image Content Familiarity in Graphical Passwords
UMAP '19: Proceedings of the 27th ACM Conference on User Modeling, Adaptation and Personalization

Graphical passwords leverage the picture superiority effect to enhance memorability, and reflect today's haptic users' interaction realms. Images related to users' past sociocultural experiences (e.g., retrospective) enable the creation of memorable and ...
On the Personalization of Image Content in Graphical Passwords based on Users' Sociocultural Experiences: New Challenges and Opportunities
UMAP'19 Adjunct: Adjunct Publication of the 27th Conference on User Modeling, Adaptation and Personalization

Recent works underpin the added value of considering users' past sociocultural experiences as a personalization factor for the image content used within graphical password schemes, since it has a positive impact on the security and memorability of the ...
A Password Manager that Doesn't Remember Passwords
NSPW '14: Proceedings of the 2014 New Security Paradigms Workshop

The problems with passwords are well-known: secure passwords are difficult to remember, users have too many passwords, and users have difficulty matching their passwords to accounts. Password managers and cued graphical passwords are two password ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

WI '19: IEEE/WIC/ACM International Conference on Web Intelligence

October 2019

507 pages

ISBN:9781450369343

DOI:10.1145/3350546

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 October 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper
Research
Refereed limited

Funding Sources

Conference

WI '19

WI '19: IEEE/WIC/ACM International Conference on Web Intelligence

October 14 - 17, 2019

Thessaloniki, Greece

Acceptance Rates

Overall Acceptance Rate 118 of 178 submissions, 66%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
164
Total Downloads

Downloads (Last 12 months)14
Downloads (Last 6 weeks)1

Reflects downloads up to 06 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Chan GBanire BAtaguba GFrempong GOrji R(2024)A Panoramic View of Socio-Cultural Sensitivity in Digital Technologies: A Comprehensive Review and Future DirectionsInternational Journal of Human–Computer Interaction10.1080/10447318.2024.2372135(1-29)Online publication date: 11-Jul-2024
https://doi.org/10.1080/10447318.2024.2372135
Constantinides CConstantinides ABelk MFidas CPitsillides A(2021)A Comparative Study among Different Computer Vision Algorithms for Assisting Users in Picture Password CompositionAdjunct Proceedings of the 29th ACM Conference on User Modeling, Adaptation and Personalization10.1145/3450614.3464474(357-362)Online publication date: 21-Jun-2021
https://dl.acm.org/doi/10.1145/3450614.3464474
Constantinides ABelk MFidas CPitsillides A(2021)Understanding Insider Attacks in Personalized Picture Password SchemesHuman-Computer Interaction – INTERACT 202110.1007/978-3-030-85610-6_42(722-731)Online publication date: 30-Aug-2021
https://dl.acm.org/doi/10.1007/978-3-030-85610-6_42
Constantinides ABelk MFidas CPitsillides A(2020)Design and Development of a Patient-centric User Authentication SystemAdjunct Publication of the 28th ACM Conference on User Modeling, Adaptation and Personalization10.1145/3386392.3399564(201-203)Online publication date: 14-Jul-2020
https://dl.acm.org/doi/10.1145/3386392.3399564
Pietron AHan T(2020)A Case Study of Graphical Passwords in a Chinese UniversityAdjunct Publication of the 28th ACM Conference on User Modeling, Adaptation and Personalization10.1145/3386392.3399558(175-180)Online publication date: 14-Jul-2020
https://dl.acm.org/doi/10.1145/3386392.3399558
Constantinides ABelk MFidas CPitsillides APaternò FOliver NConati CSpano LTintarev N(2020)An eye gaze-driven metric for estimating the strength of graphical passwords based on image hotspotsProceedings of the 25th International Conference on Intelligent User Interfaces10.1145/3377325.3377537(33-37)Online publication date: 17-Mar-2020
https://dl.acm.org/doi/10.1145/3377325.3377537
Constantinides APietron ABelk MFidas CHan TPitsillides A(2020)A Cross-cultural Perspective for Personalizing Picture PasswordsProceedings of the 28th ACM Conference on User Modeling, Adaptation and Personalization10.1145/3340631.3394859(43-52)Online publication date: 7-Jul-2020
https://dl.acm.org/doi/10.1145/3340631.3394859

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Media

Figures

Other

Tables

View Table of Contents