Advertisement

Can Background Baroque Music Help to Improve the Memorability of Graphical Passwords?

  • Haichang Gao
  • Xiuling Chang
  • Zhongjie Ren
  • Uwe Aickelin
  • Liming Wang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6112)

Abstract

Graphical passwords have been proposed as an alternative to alphanumeric passwords with their advantages in usability and security. However, they still tend to follow predictable patterns that are easier for attackers to exploit, probably due to users’ memory limitations. Various literatures show that baroque music has positive effects on human learning and memorizing. To alleviate users’ memory burden, we investigate the novel idea of introducing baroque music to graphical password schemes (specifically DAS, PassPoints and Story) and conduct a laboratory study to see whether it is helpful. In a ten minutes short-term recall, we found that participants in all conditions had high recall success rates that were not statistically different from each other. After one week, the music group coped PassPoints passwords significantly better than the group without music. But there was no statistical difference between two groups in recalling DAS passwords or Story passwords. Further more, we found that the music group tended to set significantly more complicated PassPoints passwords but less complicated DAS passwords.

Keywords

Graphical password Baroque music Memorability DAS  Passpoints 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Madigan, S.: Picture memory. In: Imagery, Memory, and Cognition, pp. 65–86. Lawrence Erlbaum Associates, Mahwah (1983)Google Scholar
  2. 2.
    Nelson, D.L., Reed, U.S., Walling, J.R.: Picture superiority effect. Journal of Experimental Psychology: Human Learning and Memory 3, 485–497 (1977)CrossRefGoogle Scholar
  3. 3.
    Blonder, G.E.: Graphical password. US Patent 5559961, Lucent Technologies, Inc., Murray Hill (August 30, 1995)Google Scholar
  4. 4.
    Jermyn, I., Mayer, A., Monrose, F., Reiter, M., Rubin, A.: The design and analysis of graphical passwords. In: Proceedings of the 8th USENIX Security Symposium (August 1999)Google Scholar
  5. 5.
    Dhamija, R., Perrig, A.: Déjà Vu: A User Study Using Images for Authentication. In: 9th USENIX Security Symposium (2000)Google Scholar
  6. 6.
    Davis, D., Monrose, F., Reiter, M.K.: On user choice in graphical password schemes. In: Proceedings of the 13th Usenix Security Symposium, San Diego, CA (2004)Google Scholar
  7. 7.
    Wiedenbeck, S., Waters, J., Birget, J.C., Brodskiy, A., Memon, N.: Design and longitudinal evaluation of a graphical password system. International J. of Human-Computer Studies 63, 102–127 (2005)CrossRefGoogle Scholar
  8. 8.
    Goldberg, J., Hagman, J., Sazawal, V.: Doodling Our Way to Better Authentication. Presented at Proceedings of Human Factors in Computing Systems (CHI), Minneapolis, Minnesota, USA (2002)Google Scholar
  9. 9.
    Syukri, A.F., Okamoto, E., Mambo, M.: A User Identification System Using Signature Written with Mouse. In: Boyd, C., Dawson, E. (eds.) ACISP 1998. LNCS, vol. 1438, pp. 403–441. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  10. 10.
    Passfaces, http://www.realuser.com (site accessed January 10, 2010)
  11. 11.
    Notoatmodjo, G.: Exploring the ‘Weakest Link’: A Study of Personal Password Security. Thesis of Master Degree, The University of Auckland, New Zealand (2007)Google Scholar
  12. 12.
    Dirik, A.E., Memon, N., Birget, J.C.: Modeling user choice in the PassPoints graphical password scheme. In: Symp. on Usable Privacy and Security, SOUPS (2007)Google Scholar
  13. 13.
    Thorpe, J., van Oorschot, P.C.: Human-Seeded Attacks and Exploiting Hot-Spots in Graphical Passwords. In: USENIX Security Symp. 2007 (2007)Google Scholar
  14. 14.
    Nali, D., Thorpe, J.: Analyzing User Choice in Graphical Passwords.Technical Report, School of Information Technology and Engineering, University of Ottawa, Canada (May 27, 2004)Google Scholar
  15. 15.
    Valentine, T.: An evaluation of the Passface personal authentication system. Technical Report, Goldsmiths College, University of London (1998)Google Scholar
  16. 16.
    Valentine, T.: Memory for Passfaces after a Long Delay, Technical Report, Goldsmiths College, University of London (1999)Google Scholar
  17. 17.
    Weinshall, D., Kirkpatrick, A.S.: Passwords you’ll never forget, but can’t recall. In: Proc. CHI 2004 (2004)Google Scholar
  18. 18.
    Higbee, K.L.: Your Memory: How it Works and How to Improve it, 2nd edn. Prentice- Hall Press, New York (1988)Google Scholar
  19. 19.
    DeAngeli, A., Coventry, L., Johnson, G., Renaud, K.: Is a picture really worth a thousand words? Exploring the feasibility of graphical authentication systems. International Journal of Human-Computer Studies 63, 128–152 (2005)CrossRefGoogle Scholar
  20. 20.
    Fassbender, E., Richards, D., Kavakli, M.: Game engineering approach to the effect of music on learning in virtual-immersive environments. In: International Conference on Games Research and Development: CyberGames, Western Australia (2006)Google Scholar
  21. 21.
    Gao, H., Guo, X., Chen, X., Wang, L., Liu, X.: YAGP: Yet Another Graphical Password Strategy. In: ACSAC, California, USA, pp. 121–129 (2008)Google Scholar
  22. 22.
    Lozanov, G.: Suggestology and Suggestopedy, http://lozanov.hit.bg/
  23. 23.
    Rauscher, F.H., Shaw, G.L., Ky, K.N.: Music and spatial task performance. Nature 365(6447), 611 (1993)CrossRefGoogle Scholar
  24. 24.
    Wiedenbeck, S., Waters, J., Birget, J.C., Brodskiy, A., Memon, N.: Authentication using graphical passwords: Effects of tolerance and image choice. In: Symposium on Usable Privacy and Security (SOUPS). Carnegie-Mellon University, Pittsburgh (2005)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Haichang Gao
    • 1
    • 2
  • Xiuling Chang
    • 1
  • Zhongjie Ren
    • 1
  • Uwe Aickelin
    • 2
  • Liming Wang
    • 1
  1. 1.Software Engineering InstituteXidian UniversityXi’anP.R. China
  2. 2.School of Computer ScienceThe University of NottinghamNottinghamU.K.

Personalised recommendations