Exploring the Use of Discrete Gestures for Authentication

  • Ming Ki Chong
  • Gary Marsden
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5727)


Research in user authentication has been a growing field in HCI. Previous studies have shown that peoples’ graphical memory can be used to increase password memorability. On the other hand, with the increasing number of devices with built-in motion sensors, kinesthetic memory (or muscle memory) can also be exploited for authentication. This paper presents a novel knowledge-based authentication scheme, called gesture password, which uses discrete gestures as password elements. The research presents a study of multiple password retention using PINs and gesture passwords. The study reports that although participants could use kinesthetic memory to remember gesture passwords, retention of PINs is far superior to retention of gesture passwords.


User authentication gesture passwords discrete gestures 


  1. 1.
    Adams, A., Sasse, M.: Users are not the enemy. Communications of the ACM 42(12), 41–46 (1999)CrossRefGoogle Scholar
  2. 2.
    Renaud, K.: Evaluating Authentication Mechanisms. In: Cranor, L., Garfinkel, S. (eds.) Security and Usability, pp. 103–128. O’Reilly Media, Inc., Sebastopol (2005)Google Scholar
  3. 3.
    Nelson, D.L., Reed, U.S., Walling, J.R.: Picture Superiority Effect. Journal of Experimental Psychology: Human Learning & Memory 2, 523–528 (1976)Google Scholar
  4. 4.
    Paivio, A., Csapo, K.: Picture superiority in free recall: Imagery or dual coding? Cognitive Psychology 5(2), 176–206 (1973)CrossRefGoogle Scholar
  5. 5.
    Dhamija, R., Perrig, A.: Déjà vu: A user study using images for authentication. In: Proceedings of the 9th USENIX Security Symposium (2000) Google Scholar
  6. 6.
    Moncur, W., Leplâtre, G.: Pictures at the ATM: Exploring the usability of multiple graphical passwords. In: Proceedings of the SIGCHI conference on Human factors in computing systems, pp. 887–894. ACM Press, New York (2007)CrossRefGoogle Scholar
  7. 7.
    Williamson, J., Murray-Smith, R., Hughes, S.: Shoogle: Excitatory multimodal interaction on mobile devices. In: Proceedings of the SIGCHI conference on Human factors in computing systems, pp. 121–124. ACM Press, New York (2007)CrossRefGoogle Scholar
  8. 8.
    Patel, S., Pierce, J., Abowd, G.: A gesture-based authentication scheme for untrusted public Terminals. In: Proceedings of the 17th annual ACM symposium on User interface software and technology, pp. 157–160. ACM Press, New York (2004)CrossRefGoogle Scholar
  9. 9.
    Mayrhofer, R., Gellersen, H.: Shake well before use: Authentication based on accelerometer data. In: Proceedings of the 5th International Conference on Pervasive Computing, pp. 144–161. Springer, London (2007)Google Scholar
  10. 10.
    De Luca, A., Weiss, R., Hussmann, H.: PassShape: stroke based shape passwords. In: Proceedings of the 19th Australasian conference on Computer-Human Interaction, pp. 239–240. ACM Press, New York (2007)Google Scholar
  11. 11.
    Weiss, R., De Luca, A.: PassShapes: utilizing stroke based authentication to increase password memorability. In: Proceedings of the 5th Nordic conference on Human-computer interaction: building bridges, pp. 383–392. ACM Press, New York (2008)CrossRefGoogle Scholar
  12. 12.
    Sharp, H., Rogers, Y., Preece, J.: Interaction Design: Beyond Human-Computer Interaction, 2nd edn. John Wiley & Sons, Chichester (2007)Google Scholar
  13. 13.

Copyright information

© IFIP International Federation for Information Processing 2009

Authors and Affiliations

  • Ming Ki Chong
    • 1
  • Gary Marsden
    • 1
  1. 1.Department of Computer ScienceUniversity of Cape TownCape TownSouth Africa

Personalised recommendations