Effects of Human Cognitive Differences on Interaction and Visual Behavior in Graphical User Authentication
- 5 Citations
- 2k Downloads
Abstract
This paper discusses two user studies to investigate whether human cognitive differences affect user interaction and visual behavior within recognition-based graphical authentication tasks. In order to increase external validity, we conducted the studies with separate user samples. In the first study (N = 82) which embraced a longitudinal and ecological valid interaction scenario, we examined whether field dependence-independence (FD-I) differences have an effect on their login performance. During the second study (N = 51) which embraced an in-lab eye tracking setup, we investigated whether FD-I differences of participants are reflected on their visual behavior during graphical key creation. Analysis of results revealed interaction effects of users’ FD-I differences which indicate that such human cognitive differences should be considered as additional human design factors in graphical user authentication research.
Keywords
Human cognition Graphical passwords Usability Eye trackingReferences
- 1.Biddle, R., Chiasson, S., van Oorschot, P.: Graphical passwords: learning from the first twelve years. ACM Comput. Surv. 44(4), 41 p. (2012)Google Scholar
- 2.Passfaces Corporation: The Science Behind Passfaces. White paper (2009). http://www.passfaces.com/enterprise/resources/white_papers.htm
- 3.Paivio, A., Csapo, K.: Picture superiority in free recall: imagery or dual coding? Cogn. Psychol. 5(2), 176–206 (1973)CrossRefGoogle Scholar
- 4.Mihajlov, M., Jerman-Blazic, B.: On designing usable and secure recognition-based graphical authentication mechanisms. Interact. Comput. 23(6), 582–593 (2011)CrossRefGoogle Scholar
- 5.Jermyn, I., Mayer, A., Monrose, F., Reiter, M., Rubin, A.: The design and analysis of graphical passwords. In: Proceedings of the USENIX Security Symposium (Security 1999). USENIX Association (1999)Google Scholar
- 6.Gao, H., Guo, X., Chen, X., Wang, L., Liu, X.: YAGP: yet another graphical password strategy. In: Proceedings of the Conference on Computer Security Applications, pp. 121–129. IEEE Computer Society (2008)Google Scholar
- 7.Tao, H., Adams, C.: Pass-Go: a proposal to improve the usability of graphical passwords. Netw. Secur. 7(2), 273–292 (2008)Google Scholar
- 8.Wiedenbeck, S., Waters, J., Birget, J., Brodskiy, A., Memon, N.: Authentication using graphical passwords: effects of tolerance and image choice. In: Proceedings of the Symposium on Usable Privacy and Security (SOUPS 2005), pp. 1–12. ACM Press (2005)Google Scholar
- 9.Chiasson, S., Forget, A., Biddle, R., van Oorschot, P.: Influencing users towards better passwords: persuasive cued click-points. In: Proceedings of the Conference on People and Computers, pp. 121–130. British Computer Society (2008)Google Scholar
- 10.Dhamija, R., Perrig, A.: DejaVu: a user study using images for authentication. In: Proceedings of the USENIX Security Symposium. USENIX Association (2000)Google Scholar
- 11.Stobert, E., Biddle, R.: Memory retrieval and graphical passwords. In: Proceedings of the Symposium on Usable Privacy and Security (SOUPS 2013), article 15, 14 p. ACM Press (2013)Google Scholar
- 12.Nicholson, J., Coventry, L., Briggs, P.: Age-related performance issues for PIN and face-based authentication systems. In: Proceedings of Conference on Human Factors in Computing Systems (CHI 2013), pp. 323–332. ACM Press (2013)Google Scholar
- 13.Ma, Y., Feng, J., Kumin, L., Lazar, J.: Investigating user behavior for authentication methods: a comparison between individuals with down syndrome and neurotypical users. ACM Trans. Access. Comput. 4(4), Article 15, 27 p. (2013)Google Scholar
- 14.Belk, M., Fidas, C., Germanakos, P., Samaras, G.: Security for diversity: studying the effects of verbal and imagery processes on user authentication mechanisms. In: Kotzé, P., Marsden, G., Lindgaard, G., Wesson, J., Winckler, M. (eds.) INTERACT 2013. LNCS, vol. 8119, pp. 442–459. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-40477-1_27 CrossRefGoogle Scholar
- 15.Belk, M., Fidas, C., Germanakos, P., Samaras, G.: A personalized user authentication approach based on individual differences in information processing. Interact. Comput. 27(6), 706–723 (2015). Oxford University PressCrossRefGoogle Scholar
- 16.Chowdhury, S., Poet, R., Mackenzie, L.: A comprehensive study of the usability of multiple graphical passwords. In: Kotzé, P., Marsden, G., Lindgaard, G., Wesson, J., Winckler, M. (eds.) INTERACT 2013. LNCS, vol. 8119, pp. 424–441. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-40477-1_26 CrossRefGoogle Scholar
- 17.Everitt, K., Bragin, T., Fogarty, J., Kohno, T.: A comprehensive study of frequency, interference, and training of multiple graphical passwords. In: Proceedings of the Conference on Human Factors in Computing Systems (CHI 2009), pp. 889–898. ACM Press (2009)Google Scholar
- 18.Hayashi, E., Dhamija, R., Christin, N., Perrig, A.: Use your illusion: secure authentication usable anywhere. In: Proceedings of the Symposium on Usable Privacy and Security (SOUPS 2008), pp. 35–45. ACM Press (2008)Google Scholar
- 19.Hayashi, E., Hong, J., Christin, N.: Security through a different kind of obscurity: evaluating distortion in graphical authentication schemes. In: Proceedings of the Conference on Human Factors in Computing Systems (CHI 2011), pp. 2055–2064. ACM Press (2011)Google Scholar
- 20.Witkin, H.A., Moore, C.A., Goodenough, D.R., Cox, P.W.: Field-dependent and field-independent cognitive styles and their educational implications. Educ. Res. 47(1), 1–64 (1977)Google Scholar
- 21.Angeli, C., Valanides, N., Kirschner, P.: Field dependence-independence and instructional-design effects on learners’ performance with a computer-modeling tool. Comput. Hum. Behav. 25(6), 1355–1366 (2009)CrossRefGoogle Scholar
- 22.Hong, J., Hwang, M., Tam, K., Lai, Y., Liu, L.: Effects of cognitive style on digital jigsaw puzzle performance: a GridWare analysis. Comput. Hum. Behav. 28(3), 920–928 (2012)CrossRefGoogle Scholar
- 23.Rittschof, K.A.: Field dependence-independence as visuospatial and executive functioning in working memory: Implications for instructional systems design and research. Educ. Tech. Res. Dev. 58(1), 99–114 (2010)CrossRefGoogle Scholar
- 24.Witkin, H.A., Oltman, P., Raskin, E., Karp, S.: A Manual for the Embedded Figures Test. Consulting Psychologists Press, Palo Alto (1971)Google Scholar
- 25.Tobii Pro Glasses 2. http://www.tobiipro.com/product-listing/tobii-pro-glasses-2/#Specifications. Accessed 19 Sep 2016
- 26.R Core Team: R: a language and environment for statistical computing. R Foundation for Statistical Computing, Vienna, Austria (2015). https://www.R-project.org/
- 27.Bates, D., Maechler, M., Bolker, B., Walker, S.: Fitting linear mixed-effects models using lme4. J. Stat. Softw. 67(1), 1–48 (2015)CrossRefGoogle Scholar
- 28.Dinno, A.: dunn.test: Dunn’s Test of Multiple Comparisons Using Rank Sums. R package version 1.3.1 (2015). http://CRAN.R-project.org/package=dunn.test
- 29.Winter, B., Grawunder, S.: The phonetic profile of Korean formality. J. Phon. 40, 808–815 (2012)CrossRefGoogle Scholar
- 30.Katsini, C., Fidas, C., Belk, M., Avouris, N., Samaras, G.: Influences of users’ cognitive strategies on graphical password composition. In: Extended Abstracts of the Conference on Human Factors in Computing Systems (CHI 2017), pp. 2698–2705. ACM Press (2017)Google Scholar
- 31.Raptis, G., Katsini, C., Belk, M., Fidas, C., Samaras, G., Avouris, N.: Using eye gaze data and visual activities to infer human cognitive styles: method and feasibility studies. In: Proceedings of the Conference on User Modeling, Adaptation and Personalization (UMAP 2017). ACM Press (2017, to appear)Google Scholar
- 32.Belk, M., Fidas, C., Germanakos, P., Samaras, G.: The interplay between humans, technology and user authentication: a cognitive processing perspective. Comput. Hum. Behav. (2017, to appear)Google Scholar
- 33.Belk, M., Pamboris, A., Fidas, C., Katsini, C., Avouris, N., Samaras, G.: Sweet-spotting security and usability for intelligent graphical authentication mechanisms. In: Proceedings of the Conference on Web Intelligence (WI 2017). ACM Press (2017, to appear)Google Scholar