Towards an effective recognition graphical password mechanism based on cultural familiarity

Text-based passwords for authentication are exposed to the dictionary attack as users tend to create weak passwords for easy memorability. When dealing with user’s authentication, pictures are more likely to be simply remembered in comparison with words. Hence, this study aimed to determine the types of pictures in accordance to users’ cultural background. It also investigated the relationship between the choices of password and the cultural familiarity along with the effect of Graphical Password (GP) on security and usability. A list of guidelines was proposed for the recognition of graphical passwords. This is believed to increase the security as well as usability. A total of 40 students were recruited to build a GP database. Further, an evaluation was conducted to investigate users’ familiarity and recognition of the GP from the database using 30 other respondents. The results showed that the 30 participants positively responded to the familiar pictures in accordance to their cultures. The result of successful login rate was 79.51% which indicates that cultural-based GP has increased the respondents’ familiarity by promoting their memorability. Further, the respondents who chose familiar GP had higher guessing attack rate than the unfamiliar GP. Finally, a total of 8 guidelines were established based on the aspects that correspond to the users’ preferences for choosing and processing GP. These guidelines can be used by graphical password system designers to develop effective GP system

The usability of knowledge based authentication methods on mobile devices

Mobile devices are providing ever increasing functionality to users, and the risks associated with applications storing personal details are high. Graphical authentication methods have been shown to provide better security in terms of password space than traditional approaches, as well as being more memorable. The usability of any system is important since an unusable system will often be avoided. This thesis aims to investigate graphical authentication methods based on recall, cued recall and recognition memory in terms of their usability and security