Advertisement

Comparison Between BlindLogin and Other Graphical Password Authentication Systems

  • Yean Li HoEmail author
  • Siong Hoe Lau
  • Afizan Azman
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1132)

Abstract

This pilot study was done to evaluate the picture superiority effect on the memorability and usability of BlindLogin based on the Usability-Deployability-Security (UDS) Model and to compare the results with other graphical password authentication systems found in literature. The results from this pilot study indicated that the visually impaired users generally thought that BlindLogin was better than the textual password based on all the UDS Model usability criteria. The results further indicated that BlindLogin was significantly better than textual passwords in four usability criteria (Memorywise Effortless, Infrequent Errors, Efficient to Use and Physically Effortless). For Memorywise-Effortless, BlindLogin (p < 0.012) is more significant than Image PassTiles (p < 0.013) and much more significant than Object PassTiles (p < 0.045). For Infrequent Errors, BlindLogin (p < 0.015) is almost as significant as Passpoints (p < 0.013). The security of BlindLogin was also assessed by tabulating the password space and launching a dictionary attack and a brute-force attack using the capabilities of the cloud. The results showed that it would take about 48188.59 years to brute-force a BlindLogin password using the capabilities of the cloud, which is better than DAS (541.8 years) and Grid Selection (541.8 years). As currently graphical authentication systems designed for the visually impaired have yet to be found in literature, BlindLogin has been shown to be a memorable and usable graphical authentication system for visually impaired users as compared to other graphical password systems which was designed only for sighted users on the mobile platform.

Keywords

Visually impaired Blind Authentication Graphical passwords Human computer interaction security Usability Mobile Smartphone 

References

  1. 1.
    Blonder, G.: Graphical password. US patent 5,559,961, field, 30 Aug 1995, and issued 24 Sept 1996 (1996)Google Scholar
  2. 2.
    Thorpe, J., van Oorschot, P.C.: Towards secure design choices for implementing graphical passwords. In: 20th Annual Computer Security Applications Conference, pp. 50–60 (2004)Google Scholar
  3. 3.
    Paivio, A., Rogers, T.B., Smythe, P.C.: Why are pictures easier to recall than words? Psychon. Sci. 11(4), 137–138 (1968)CrossRefGoogle Scholar
  4. 4.
    Lin, P.L., Weng, L.T., Huang, P.W.: Graphical passwords using images with random tracks of geometric shapes. In: Proceedings - 1st International Congress on Image and Signal Processing, CISP 2008, vol. 3, pp. 27–31 (2008)Google Scholar
  5. 5.
    Khan, W.Z., Aalsalem, M.Y., Xiang, Y.: A graphical password based system for small mobile devices. Int. J. Comput. Sci. Issues 8(5), 145–154 (2011)Google Scholar
  6. 6.
    Ray, P.P.: Ray’s scheme: graphical password based hybrid authentication system for smart hand held devices. J. Inf. Eng. Appl. 2(2), 1–12 (2012)Google Scholar
  7. 7.
    Stobert, E., Biddle, R.: Memory retrieval and graphical passwords. In: Proceedings of the Ninth Symposium on Usable Privacy and Security - SOUPS 2013 (2013)Google Scholar
  8. 8.
    Gehring, R.E., Toglia, M.P., Kimble, G.A.: Recognition memory for words and pictures at short and long retention intervals. Mem. Cogn. 4(3), 256–260 (1976)CrossRefGoogle Scholar
  9. 9.
    De Angeli, A., Coventry, L., Johnson, G., Renaud, K.: Is a picture really worth a thousand words? Exploring the feasibility of graphical authentication systems. Int. J. Hum Comput Stud. 63(1–2), 128–152 (2005)CrossRefGoogle Scholar
  10. 10.
    Crutcher, R.J., Beer, J.M.: An auditory analog of the picture superiority effect. Mem. Cogn. 39(1), 63–74 (2014)CrossRefGoogle Scholar
  11. 11.
    Gloede, M.E., Paulauskas, E.E., Gregg, M.K.: Experience and information loss in auditory and visual memory. Q. J. Exp. Psychol. 70(7), 1344–1352 (2017)CrossRefGoogle Scholar
  12. 12.
    Oates, J.M., Reder, L.M.: Memory for pictures: sometimes a picture is not worth a single word. In: Benjamin, A.S. (ed.) Successful Remembering and Successful Forgetting: A Festschrift in Honor of Robert A. Bjork, pp. 447–462 (2010)Google Scholar
  13. 13.
    Ho, Y.L., Azman, A., Lau, S.H.: An analysis of graphical user authentication systems. In: 9th International Conference on IT in Asia (CITA 2015) (2015)Google Scholar
  14. 14.
    Ho, Y.L., Bendrissou, B., Azman, A., Lau, S.H.: BlindLogin: a graphical authentication system with support for blind and visually impaired users on smartphones. Am. J. Appl. Sci. 14, 551–559 (2017)CrossRefGoogle Scholar
  15. 15.
    Dhamija, R., Perrig, A.: Déjà Vu : a user study using images for authentication. In: Human Factors (2000)Google Scholar
  16. 16.
    Brostoff, S., Sasse, M.A.: Are passfaces more usable than passwords? Field Trial Invest. HCI 2000, 1–20 (2000)Google Scholar
  17. 17.
    Jansen, W., Gavrila, S., Korolev, V., Ayers, R., Swanstrom, R.: Picture password: a visual login technique for mobile devices. NISTIR 7030 (2003)Google Scholar
  18. 18.
    Wiedenbeck, S., Waters, J., Birget, J.-C., Brodskiy, A., Memon, N.: Authentication using graphical passwords : effects of tolerance and image choice. In: Proceedings of the 2005 Symposium on Usable Privacy and Security (SOUPS 2005), pp. 1–12 (2005)Google Scholar
  19. 19.
    Yampolskiy, R.V.: User authentication via behavior based passwords. In: Systems, Applications and Technology Conference, 2007. LISAT 2007. IEEE Long Island, pp. 1–8 (2007)Google Scholar
  20. 20.
    Stobert, E., Forget, A., Chiasson, S., Van Oorschot, P.C., Biddle, R.: Exploring usability effects of increasing security in click-based graphical passwords. In: ACSAC 2010, pp. 79–88 (2010)Google Scholar
  21. 21.
    Liu, X., Qiu, J., Ma, L., Gao, H., Ren, Z.: A novel cued-recall graphical password scheme. In: 2011 Sixth International Conference on Image and Graphics, pp. 949–956 (2011)Google Scholar
  22. 22.
    Sun, H.-M., Chen, Y.-H., Fang, C.-C., Chang, S.-Y.: PassMap: a map based graphical-password authentication system categories and subject descriptors. In: ASIACCS 2012, pp. 2–6 (2012)Google Scholar
  23. 23.
    Jermyn, I., Mayer, A., Monrose, F., Reiter, M.K., Rubin, A.D.: The design and analysis of graphical passwords. In: Proceedings of the 8th USENIX Security Symposium (1999)Google Scholar
  24. 24.
    Tao, H.: Pass-Go, a new graphical password scheme. Master’s thesis, School of Information Technology and Engineering, University of Ottawa (2006)Google Scholar
  25. 25.
    Chakrabarti, S., Landon, G.V., Singal, M.: Graphical passwords: drawing a secret with rotation as a new degree of freedom. In: Proceedings of the Fourth IASTED Asian Conference on Communication Systems and Networks (AsiaCSN 2007), pp. 114–120 (2007)Google Scholar
  26. 26.
    Marchetto, J.: pinPass.js: Easy to Use, Easy to Deploy Graphical Passwords, pp. 3–5 (n.d.)Google Scholar
  27. 27.
    Mahansaria, D., Shyam, S., Samuel, A., Teja, R.: A fast and secure software solution [SS7.0] that counters shoulder surfing attack. In: Proceedings of the 13th IASTED International Conference Software Engineering and Applications (SEA 2009), pp. 190–195 (2009)Google Scholar
  28. 28.
    Zheng, Z., Liu, X., Yin, L., Liu, Z.: A hybrid password authentication scheme based on shape and text. J. Comput. 5(5), 765–772 (2010)CrossRefGoogle Scholar
  29. 29.
    Imran, Z., Nizami, R.: Advance secure login. Int. J. Sci. Res. Publ. 1(1), 1–4 (2011)Google Scholar
  30. 30.
    Chen, Y.-L., Ku, W.-C., Yeh, Y.-C., Liao, D.-M.: A simple text-based shoulder surfing resistant graphical password scheme. In: 2013 International Symposium on Next-Generation Electronics, pp. 161–164 (2013)Google Scholar
  31. 31.
    Bonneau, J., Herley, C., Van Oorschot, P.C., Stajano, F.: The quest to replace passwords: a framework for comparative evaluation of web authentication schemes. In: 2012 IEEE Symposium on Security and Privacy (SP), pp. 553–567 (2012)Google Scholar
  32. 32.
    Bonner, M.N., Brudvik, J.T., Abowd, G.D., Edwards, W.K.: No-look notes: accessible eyes-free multi-touch text entry. In: Floréen, P., Krüger, A., Spasojevic, M. (eds.) Pervasive 2010. LNCS, vol. 6030, pp. 409–426. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-12654-3_24CrossRefGoogle Scholar
  33. 33.
    Grussenmeyer, W., Folmer, E.: Accessible touchscreen technology for people with visual impairments: a survey. J. ACM Trans. Accessible Comput. (TACCESS) 9(2), Article no. 6 (2017)CrossRefGoogle Scholar
  34. 34.
    Chiasson, S., Biddle, R., van Oorschot, P.C.: A second look at the usability of click-based graphical passwords. In: Symposium on Usable Privacy and Security (SOUPS) 2007, pp. 1–12 (2007)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2020

Authors and Affiliations

  1. 1.Multimedia UniversityMelakaMalaysia
  2. 2.Melaka International College of Science and TechnologyMelakaMalaysia

Personalised recommendations