Thomas S. Tullis
Donna P. Tedesco
ABSTRACT
Previous research had shown that pictorial passwords, where users recognize their target images among distractors, have potential for improving the usability of authentication systems. A method using personal photos provided by the users as their targets, shown among highly similar distractors, showed the most promise for both accuracy and security. But the longest time period that had been tested between successive login attempts was only about one month. We wanted to see what happens when six years have elapsed. We recruited some of the same participants from the previous study and tested their ability to select their target photos six years later. We found that 12 of 13 participants successfully authenticated themselves. The overall accuracy rate was 95.6%, demonstrating that most users can remember these pictorial passwords even over long periods of time.
- Florencio, D. and Herley, C. A large-scale study of web password habits, Proceedings of the 16th international conference on World Wide Web, May 8--12, 2007, Banff, Alberta, Canada. Google Scholar
Digital Library
- Seward, Z. M., and Sun, A. The Top 50 Gawker Media Passwords. The Wall Street Journal, December 13, 2010.Google Scholar
- Takada, T., Onuki, T., and Koike, H. Awase-e: Recognition-based image authentication scheme using users' personal photographs. Innovations in Information Technology, 2006, pages 1--5, Nov. 2006.Google ScholarCross Ref
- Tullis, T., Mangan, E., and Rosenbaum, R. An Empirical Comparison of On-Screen Keyboards. Human Factors and Ergonomics Society 51st Annual Meeting, Baltimore, MD, October 1-5, 2007.Google Scholar
- Tullis, T. S., and Tedesco, D. P. Using personal photos as pictorial passwords, CHI '05 extended abstracts on Human factors in computing systems, April 2-7, 2005, Portland, OR, USA. Google ScholarDigital Library
Index Terms
- Can users remember their pictorial passwords six years later
Recommendations
Using personal photos as pictorial passwords
CHI EA '05: CHI '05 Extended Abstracts on Human Factors in Computing SystemsPictorial passwords, where the user recognizes "target" images among "distractors", appear to have potential for improving the usability of authentication systems. We conducted three exploratory studies on the use of personal photos for authentication ...
Comments