Revisiting graphical passwords for augmenting, not replacing, text passwords


Akpulat M., Bicakci K., Cil U.

29th Annual Computer Security Applications Conference, ACSAC 2013, New Orleans, LA, United States Of America, 9 - 13 December 2013, pp.119-128 identifier

  • Publication Type: Conference Paper / Full Text
  • Doi Number: 10.1145/2523649.2523672
  • City: New Orleans, LA
  • Country: United States Of America
  • Page Numbers: pp.119-128
  • Keywords: Authentication, Graphical passwords, Passwords, Usable security
  • Istanbul Technical University Affiliated: No

Abstract

Users generally choose weak passwords which can be easily guessed. On the other hand, adoption of alternatives to text passwords has been slow due to cost and usability factors. We acknowledge that incumbent passwords remain difficult to beat and introduce in this study Type&Click (T&C), a hybrid scheme supporting text passwords with the graphical passwords. In T&C, users first type a text as usual and then make a single click on an image to complete the password entry. While largely preserving the login experience with the text passwords, the new scheme utilizes accumulated scientific knowledge in graphical password research (implicit feedback, persuasion during password creation, leveraging cued recall memory). The results of our user study suggest that T&C is promising for augmenting text passwords for improved security without degrading usability. Copyright 2013 ACM.