Cited By
View all- Kamegne YOwusu EChakraborty J(2024)Usable Security: Cultural Impacts on Graphical Passwords UsabilityAdvances in Information and Communication10.1007/978-3-031-53960-2_2(10-20)Online publication date: 21-Mar-2024
A Case Study of Graphical Passwords in a Chinese University
Pages 175 - 180
Abstract
The strength and memorability of picture passwords, that corelate with user's visual behavior, not only diverse between their cognitive styles but also within the culture predispositions. As part of the works investigating this topic, this paper reports a case study investigating visual behavior of Chinese students (N=36) on establishing graphical password. To examine cognitive and visual behavior, we have provided our participants with two sets of images: the first set illustrated images highly related to their daily-life experiences (culture-internal), while the second set illustrated images presenting daily-life experiences in a different sociocultural context (culture-external). Our results have indicated that users spent more time exploring culture-internal, rather than culture-external photos before they made graphical password selection. Different content of our pictures also affected the percentage of password gestures chosen by participants with culture-external image type falling higher on hot-spots segments. Our study sustains previous findings that promote individual approach towards users' sociocultural experiences in the design of personalized graphical password schemes.
References
[1]
Shay, R., et al. Encountering stronger password requirements: user attitudes and behaviors. in Proceedings of the Sixth Symposium on Usable Privacy and Security. 2010.
[2]
Melicher, W., et al. Usability and security of text passwords on mobile devices. in Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems. 2016.
[3]
Forget, A., et al. Improving text passwords through persuasion. in Proceedings of the 4th symposium on Usable privacy and security. 2008.
[4]
Blonder, G.E., Graphical password. 1996, Google Patents.
[5]
Lashkari, A.H. and S. Farmand, A survey on usability and security features in graphical user authentication algorithms. IJCSNS International Journal of Computer Science and Network Security, 2009. 9(9): p. 195--204.
[6]
Albayati, M.R. and A.H. Lashkari. A new graphical password based on decoy image portions (gp-dip). in 2014 International Conference on Mathematics and Computers in Sciences and in Industry. 2014. IEEE.
[7]
Katsini, C., et al. Influences of human cognition and visual behavior on password strength during picture password composition. in Proceedings of the 2018 CHI conference on human factors in computing systems. 2018.
[8]
Chowdhury, S., R. Poet, and L. Mackenzie. A study of mnemonic image passwords. in 2014 Twelfth Annual International Conference on Privacy, Security and Trust. 2014. IEEE.
[9]
Suru, H.U. and P. Murano, Security and User Interface Usability of Graphical Authentication Systems--A Review.
[10]
Yesseyeva, E., et al., Tri-Pass: A new graphical user authentication scheme. International Journal of Circuits, Systems and Signal Processing, 2014. 8: p. 61--67.
[11]
Gao, H., et al., The hot-spots problem in windows 8 graphical password scheme, in Cyberspace Safety and Security. 2013, Springer. p. 349--362.
[12]
Gao, H., et al. Design and analysis of a graphical password scheme. in 2009 Fourth International Conference on Innovative Computing, Information and Control (ICICIC). 2009. IEEE.
[13]
Van Oorschot, P.C. and J. Thorpe, Exploiting predictability in click-based graphical passwords. Journal of Computer Security, 2011. 19(4): p. 669--702.
[14]
Salehi-Abari, A., J. Thorpe, and P.C. Van Oorschot. On purely automated attacks and click-based graphical passwords. in 2008 Annual Computer Security Applications Conference (ACSAC). 2008. IEEE.
[15]
Rittenhouse, R.G., J.A. Chaudry, and M. Lee, Security in Graphical Authentication. International Journal of Security and Its Applications, 2013. 7(3).
[16]
Alt, F., et al. Graphical passwords in the wild: Understanding how users choose pictures and passwords in image-based authentication schemes. in Proceedings of the 17th International Conference on Human-Computer Interaction with Mobile Devices and Services. 2015.
[17]
Chiang, H.-Y. and S. Chiasson. Improving user authentication on mobile devices: a touchscreen graphical password. in Proceedings of the 15th international conference on Human-computer interaction with mobile devices and services. 2013.
[18]
Mihajlov, M. and B. Jerman-Bla?ic, On designing usable and secure recognition-based graphical authentication mechanisms. Interacting with Computers, 2011. 23(6): p. 582--593.
[19]
De Luca, A., M. Denzel, and H. Hussmann. Look into my Eyes! Can you guess my Password? in Proceedings of the 5th Symposium on Usable Privacy and Security. 2009.
[20]
Belk, M., et al. Sweet-spotting security and usability for intelligent graphical authentication mechanisms. in Proceedings of the International Conference on Web Intelligence. 2017.
[21]
Schaub, F., et al. Exploring the design space of graphical passwords on smartphones. in Proceedings of the Ninth Symposium on Usable Privacy and security. 2013.
[22]
Zhao, Z., et al. On the security of picture gesture authentication. in Presented as part of the 22nd USENIX Security Symposium (USENIX Security 13). 2013.
[23]
Belk, M., et al., The interplay between humans, technology and user authentication: A cognitive processing perspective. Computers in Human Behavior, 2017. 76: p. 184--200.
[24]
Norenzayan, A., et al., Cultural preferences for formal versus intuitive reasoning. Cognitive science, 2002. 26(5): p. 653--684.
[25]
Kitayama, S., et al., Perceiving an object and its context in different cultures: A cultural look at new look. Psychological science, 2003. 14(3): p. 201--206.
[26]
Phillips, W.L., Cross-cultural differences in visual perception of color, illusions, depth, and pictures. Cross?Cultural Psychology: Contemporary Themes and Perspectives, 2019: p. 287--308.
[27]
Chua, H.F., J.E. Boland, and R.E. Nisbett, Cultural variation in eye movements during scene perception. Proceedings of the National Academy of Sciences, 2005. 102(35): p. 12629--12633.
[28]
Gutchess, A.H. and A. Indeck, Cultural influences on memory. Progress in brain research, 2009. 178: p. 137--150.
[29]
Rogoff, B. and J. Mistry, Memory development in cultural context, in Cognitive learning and memory in children. 1985, Springer. p. 117--142.
[30]
Millar, P.R., et al., Cross-cultural differences in memory specificity. Culture and Brain, 2013. 1(2--4): p. 138--157.
[31]
Nisbett, R.E. and T. Masuda, Culture and point of view. Proceedings of the National Academy of Sciences, 2003. 100(19): p. 11163--11170.
[32]
Aljahdali, H.M. and R. Poet. The affect of familiarity on the usability of recognition-based graphical passwords: Cross cultural study between saudi arabia and the united kingdom. in 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications. 2013. IEEE.
[33]
Aljahdali, H.M. and R. Poet. Educated guessing attacks on culturally familiar graphical passwords using personal information on social networks. in Proceedings of the 7th International Conference on Security of Information and Networks. 2014.
[34]
Constantinides, A., et al. An eye gaze-driven metric for estimating the strength of graphical passwords based on image hotspots. in Proceedings of the 25th International Conference on Intelligent User Interfaces. 2020.
[35]
Constantinides, A., et al. On Cultural-centered Graphical Passwords: Leveraging on Users' Cultural Experiences for Improving Password Memorability. in Proceedings of the 26th Conference on User Modeling, Adaptation and Personalization. 2018.
[36]
ADEBOLA, O., et al., GRAPHICAL PASSWORD SCHEMES DESIGN: ENHANCING MEMORABILITY FEATURES USING AUTOBIOGRAPHICAL MEMORIES. Journal of Theoretical & Applied Information Technology, 2013. 53(1).
[37]
Somayaji, A., D. Mould, and C. Brown. Towards narrative authentication: or, against boring authentication. in Proceedings of the 2013 New Security Paradigms Workshop. 2013.
[38]
Yamamoto, T., et al. Improvement of User Authentication Using Schema of Visual Memory: Exploitation of" Schema of Story". in 22nd International Conference on Advanced Information Networking and Applications (aina 2008). 2008. IEEE.
[39]
Das, S., E. Hayashi, and J.I. Hong. Exploring capturable everyday memory for autobiographical authentication. in Proceedings of the 2013 ACM international joint conference on Pervasive and ubiquitous computing. 2013.
[40]
Constantinides, A., et al. "I Recall this Picture": Understanding Picture Password Selections based on Users' Sociocultural Experiences. in IEEE/WIC/ACM International Conference on Web Intelligence. 2019.
[41]
Johnson, J., et al., Picture gesture authentication. 2014, Google Patents.
[42]
Dunphy, P. and J. Yan. Do background images improve" draw a secret" graphical passwords? in Proceedings of the 14th ACM conference on Computer and communications security. 2007.
[43]
Zhao, Z., G.-J. Ahn, and H. Hu, Picture gesture authentication: Empirical analysis, automated attacks, and scheme evaluation. ACM Transactions on Information and System Security (TISSEC), 2015. 17(4): p. 1--37.
[44]
Wiedenbeck, S., et al. Authentication using graphical passwords: Effects of tolerance and image choice. in Proceedings of the 2005 symposium on Usable privacy and security. 2005.
[45]
Katsini, C., et al., Influences of Human Cognition and Visual Behavior on Password Strength during Picture Password Composition, in Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems. 2018, Association for Computing Machinery: Montreal QC, Canada. p. Paper 87.
[46]
Team, R.C., R: A language and environment for statistical computing. 2013.
[47]
Bates, D., et al., Fitting linear mixed-effects models using lme4. arXiv preprint arXiv:1406.5823, 2014.
[48]
Pinero, J. and D. Bates, Mixed-effects models in S and S-PLUS (statistics and computing). 2000, Springer, New York.
[49]
Winter, B. and S. Grawunder, The phonetic profile of Korean formal and informal speech registers. Journal of Phonetics, 2012. 40(6): p. 808--815.
[50]
Stobert, E. and R. Biddle. Memory retrieval and graphical passwords. in Proceedings of the ninth symposium on usable privacy and security. 2013.
[51]
Masuda, T. and R.E. Nisbett, Attending holistically versus analytically: comparing the context sensitivity of Japanese and Americans. Journal of personality and social psychology, 2001. 81(5): p. 922.
[52]
Tulving, E., Episodic and semantic memory. Organization of memory, 1972. 1: p. 381--403.
Index Terms
- A Case Study of Graphical Passwords in a Chinese University
Recommendations
On the Accuracy of Eye Gaze-driven Classifiers for Predicting Image Content Familiarity in Graphical Passwords
UMAP '19: Proceedings of the 27th ACM Conference on User Modeling, Adaptation and PersonalizationGraphical passwords leverage the picture superiority effect to enhance memorability, and reflect today's haptic users' interaction realms. Images related to users' past sociocultural experiences (e.g., retrospective) enable the creation of memorable and ...
A comparison of perceived and real shoulder-surfing risks between alphanumeric and graphical passwords
SOUPS '06: Proceedings of the second symposium on Usable privacy and securityPrevious research has found graphical passwords to be more memorable than non-dictionary or "strong" alphanumeric passwords. Participants in a prior study expressed concerns that this increase in memorability could also lead to an increased ...
Multiple password interference in text passwords and click-based graphical passwords
CCS '09: Proceedings of the 16th ACM conference on Computer and communications securityThe underlying issues relating to the usability and security of multiple passwords are largely unexplored. However, we know that people generally have difficulty remembering multiple passwords. This reduces security since users reuse the same password ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
July 2020
395 pages
Copyright © 2020 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 13 July 2020
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
UMAP '20: 28th ACM Conference on User Modeling, Adaptation and Personalization
July 14 - 17, 2020
Genoa, Italy
Acceptance Rates
Overall Acceptance Rate 162 of 633 submissions, 26%
Upcoming Conference
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 82Total Downloads
- Downloads (Last 12 months)13
- Downloads (Last 6 weeks)0
Reflects downloads up to 03 Jan 2025
Other Metrics
Citations
Cited By
View all- Kamegne YOwusu EChakraborty J(2024)Usable Security: Cultural Impacts on Graphical Passwords UsabilityAdvances in Information and Communication10.1007/978-3-031-53960-2_2(10-20)Online publication date: 21-Mar-2024
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in