Effects of Human Cognitive Differences on Interaction and Visual Behavior in Graphical User Authentication

  • Marios BelkEmail author
  • Christos Fidas
  • Christina Katsini
  • Nikolaos Avouris
  • George Samaras
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10515)


This paper discusses two user studies to investigate whether human cognitive differences affect user interaction and visual behavior within recognition-based graphical authentication tasks. In order to increase external validity, we conducted the studies with separate user samples. In the first study (N = 82) which embraced a longitudinal and ecological valid interaction scenario, we examined whether field dependence-independence (FD-I) differences have an effect on their login performance. During the second study (N = 51) which embraced an in-lab eye tracking setup, we investigated whether FD-I differences of participants are reflected on their visual behavior during graphical key creation. Analysis of results revealed interaction effects of users’ FD-I differences which indicate that such human cognitive differences should be considered as additional human design factors in graphical user authentication research.


Human cognition Graphical passwords Usability Eye tracking 


  1. 1.
    Biddle, R., Chiasson, S., van Oorschot, P.: Graphical passwords: learning from the first twelve years. ACM Comput. Surv. 44(4), 41 p. (2012)Google Scholar
  2. 2.
    Passfaces Corporation: The Science Behind Passfaces. White paper (2009).
  3. 3.
    Paivio, A., Csapo, K.: Picture superiority in free recall: imagery or dual coding? Cogn. Psychol. 5(2), 176–206 (1973)CrossRefGoogle Scholar
  4. 4.
    Mihajlov, M., Jerman-Blazic, B.: On designing usable and secure recognition-based graphical authentication mechanisms. Interact. Comput. 23(6), 582–593 (2011)CrossRefGoogle Scholar
  5. 5.
    Jermyn, I., Mayer, A., Monrose, F., Reiter, M., Rubin, A.: The design and analysis of graphical passwords. In: Proceedings of the USENIX Security Symposium (Security 1999). USENIX Association (1999)Google Scholar
  6. 6.
    Gao, H., Guo, X., Chen, X., Wang, L., Liu, X.: YAGP: yet another graphical password strategy. In: Proceedings of the Conference on Computer Security Applications, pp. 121–129. IEEE Computer Society (2008)Google Scholar
  7. 7.
    Tao, H., Adams, C.: Pass-Go: a proposal to improve the usability of graphical passwords. Netw. Secur. 7(2), 273–292 (2008)Google Scholar
  8. 8.
    Wiedenbeck, S., Waters, J., Birget, J., Brodskiy, A., Memon, N.: Authentication using graphical passwords: effects of tolerance and image choice. In: Proceedings of the Symposium on Usable Privacy and Security (SOUPS 2005), pp. 1–12. ACM Press (2005)Google Scholar
  9. 9.
    Chiasson, S., Forget, A., Biddle, R., van Oorschot, P.: Influencing users towards better passwords: persuasive cued click-points. In: Proceedings of the Conference on People and Computers, pp. 121–130. British Computer Society (2008)Google Scholar
  10. 10.
    Dhamija, R., Perrig, A.: DejaVu: a user study using images for authentication. In: Proceedings of the USENIX Security Symposium. USENIX Association (2000)Google Scholar
  11. 11.
    Stobert, E., Biddle, R.: Memory retrieval and graphical passwords. In: Proceedings of the Symposium on Usable Privacy and Security (SOUPS 2013), article 15, 14 p. ACM Press (2013)Google Scholar
  12. 12.
    Nicholson, J., Coventry, L., Briggs, P.: Age-related performance issues for PIN and face-based authentication systems. In: Proceedings of Conference on Human Factors in Computing Systems (CHI 2013), pp. 323–332. ACM Press (2013)Google Scholar
  13. 13.
    Ma, Y., Feng, J., Kumin, L., Lazar, J.: Investigating user behavior for authentication methods: a comparison between individuals with down syndrome and neurotypical users. ACM Trans. Access. Comput. 4(4), Article 15, 27 p. (2013)Google Scholar
  14. 14.
    Belk, M., Fidas, C., Germanakos, P., Samaras, G.: Security for diversity: studying the effects of verbal and imagery processes on user authentication mechanisms. In: Kotzé, P., Marsden, G., Lindgaard, G., Wesson, J., Winckler, M. (eds.) INTERACT 2013. LNCS, vol. 8119, pp. 442–459. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-40477-1_27 CrossRefGoogle Scholar
  15. 15.
    Belk, M., Fidas, C., Germanakos, P., Samaras, G.: A personalized user authentication approach based on individual differences in information processing. Interact. Comput. 27(6), 706–723 (2015). Oxford University PressCrossRefGoogle Scholar
  16. 16.
    Chowdhury, S., Poet, R., Mackenzie, L.: A comprehensive study of the usability of multiple graphical passwords. In: Kotzé, P., Marsden, G., Lindgaard, G., Wesson, J., Winckler, M. (eds.) INTERACT 2013. LNCS, vol. 8119, pp. 424–441. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-40477-1_26 CrossRefGoogle Scholar
  17. 17.
    Everitt, K., Bragin, T., Fogarty, J., Kohno, T.: A comprehensive study of frequency, interference, and training of multiple graphical passwords. In: Proceedings of the Conference on Human Factors in Computing Systems (CHI 2009), pp. 889–898. ACM Press (2009)Google Scholar
  18. 18.
    Hayashi, E., Dhamija, R., Christin, N., Perrig, A.: Use your illusion: secure authentication usable anywhere. In: Proceedings of the Symposium on Usable Privacy and Security (SOUPS 2008), pp. 35–45. ACM Press (2008)Google Scholar
  19. 19.
    Hayashi, E., Hong, J., Christin, N.: Security through a different kind of obscurity: evaluating distortion in graphical authentication schemes. In: Proceedings of the Conference on Human Factors in Computing Systems (CHI 2011), pp. 2055–2064. ACM Press (2011)Google Scholar
  20. 20.
    Witkin, H.A., Moore, C.A., Goodenough, D.R., Cox, P.W.: Field-dependent and field-independent cognitive styles and their educational implications. Educ. Res. 47(1), 1–64 (1977)Google Scholar
  21. 21.
    Angeli, C., Valanides, N., Kirschner, P.: Field dependence-independence and instructional-design effects on learners’ performance with a computer-modeling tool. Comput. Hum. Behav. 25(6), 1355–1366 (2009)CrossRefGoogle Scholar
  22. 22.
    Hong, J., Hwang, M., Tam, K., Lai, Y., Liu, L.: Effects of cognitive style on digital jigsaw puzzle performance: a GridWare analysis. Comput. Hum. Behav. 28(3), 920–928 (2012)CrossRefGoogle Scholar
  23. 23.
    Rittschof, K.A.: Field dependence-independence as visuospatial and executive functioning in working memory: Implications for instructional systems design and research. Educ. Tech. Res. Dev. 58(1), 99–114 (2010)CrossRefGoogle Scholar
  24. 24.
    Witkin, H.A., Oltman, P., Raskin, E., Karp, S.: A Manual for the Embedded Figures Test. Consulting Psychologists Press, Palo Alto (1971)Google Scholar
  25. 25.
  26. 26.
    R Core Team: R: a language and environment for statistical computing. R Foundation for Statistical Computing, Vienna, Austria (2015).
  27. 27.
    Bates, D., Maechler, M., Bolker, B., Walker, S.: Fitting linear mixed-effects models using lme4. J. Stat. Softw. 67(1), 1–48 (2015)CrossRefGoogle Scholar
  28. 28.
    Dinno, A.: dunn.test: Dunn’s Test of Multiple Comparisons Using Rank Sums. R package version 1.3.1 (2015).
  29. 29.
    Winter, B., Grawunder, S.: The phonetic profile of Korean formality. J. Phon. 40, 808–815 (2012)CrossRefGoogle Scholar
  30. 30.
    Katsini, C., Fidas, C., Belk, M., Avouris, N., Samaras, G.: Influences of users’ cognitive strategies on graphical password composition. In: Extended Abstracts of the Conference on Human Factors in Computing Systems (CHI 2017), pp. 2698–2705. ACM Press (2017)Google Scholar
  31. 31.
    Raptis, G., Katsini, C., Belk, M., Fidas, C., Samaras, G., Avouris, N.: Using eye gaze data and visual activities to infer human cognitive styles: method and feasibility studies. In: Proceedings of the Conference on User Modeling, Adaptation and Personalization (UMAP 2017). ACM Press (2017, to appear)Google Scholar
  32. 32.
    Belk, M., Fidas, C., Germanakos, P., Samaras, G.: The interplay between humans, technology and user authentication: a cognitive processing perspective. Comput. Hum. Behav. (2017, to appear)Google Scholar
  33. 33.
    Belk, M., Pamboris, A., Fidas, C., Katsini, C., Avouris, N., Samaras, G.: Sweet-spotting security and usability for intelligent graphical authentication mechanisms. In: Proceedings of the Conference on Web Intelligence (WI 2017). ACM Press (2017, to appear)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2017

Authors and Affiliations

  • Marios Belk
    • 1
    • 4
    Email author
  • Christos Fidas
    • 2
  • Christina Katsini
    • 3
  • Nikolaos Avouris
    • 3
  • George Samaras
    • 4
  1. 1.Cognitive UX GmbHHeidelbergGermany
  2. 2.Department of Cultural Heritage Management and New TechnologiesUniversity of PatrasPatrasGreece
  3. 3.HCI Group, Department of Electrical and Computer EngineeringUniversity of PatrasPatrasGreece
  4. 4.Department of Computer ScienceUniversity of CyprusNicosiaCyprus

Personalised recommendations