Abstract
This pilot study was done to evaluate the picture superiority effect on the memorability and usability of BlindLogin based on the Usability-Deployability-Security (UDS) Model and to compare the results with other graphical password authentication systems found in literature. The results from this pilot study indicated that the visually impaired users generally thought that BlindLogin was better than the textual password based on all the UDS Model usability criteria. The results further indicated that BlindLogin was significantly better than textual passwords in four usability criteria (Memorywise Effortless, Infrequent Errors, Efficient to Use and Physically Effortless). For Memorywise-Effortless, BlindLogin (p < 0.012) is more significant than Image PassTiles (p < 0.013) and much more significant than Object PassTiles (p < 0.045). For Infrequent Errors, BlindLogin (p < 0.015) is almost as significant as Passpoints (p < 0.013). The security of BlindLogin was also assessed by tabulating the password space and launching a dictionary attack and a brute-force attack using the capabilities of the cloud. The results showed that it would take about 48188.59 years to brute-force a BlindLogin password using the capabilities of the cloud, which is better than DAS (541.8 years) and Grid Selection (541.8 years). As currently graphical authentication systems designed for the visually impaired have yet to be found in literature, BlindLogin has been shown to be a memorable and usable graphical authentication system for visually impaired users as compared to other graphical password systems which was designed only for sighted users on the mobile platform.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Blonder, G.: Graphical password. US patent 5,559,961, field, 30 Aug 1995, and issued 24 Sept 1996 (1996)
Thorpe, J., van Oorschot, P.C.: Towards secure design choices for implementing graphical passwords. In: 20th Annual Computer Security Applications Conference, pp. 50–60 (2004)
Paivio, A., Rogers, T.B., Smythe, P.C.: Why are pictures easier to recall than words? Psychon. Sci. 11(4), 137–138 (1968)
Lin, P.L., Weng, L.T., Huang, P.W.: Graphical passwords using images with random tracks of geometric shapes. In: Proceedings - 1st International Congress on Image and Signal Processing, CISP 2008, vol. 3, pp. 27–31 (2008)
Khan, W.Z., Aalsalem, M.Y., Xiang, Y.: A graphical password based system for small mobile devices. Int. J. Comput. Sci. Issues 8(5), 145–154 (2011)
Ray, P.P.: Ray’s scheme: graphical password based hybrid authentication system for smart hand held devices. J. Inf. Eng. Appl. 2(2), 1–12 (2012)
Stobert, E., Biddle, R.: Memory retrieval and graphical passwords. In: Proceedings of the Ninth Symposium on Usable Privacy and Security - SOUPS 2013 (2013)
Gehring, R.E., Toglia, M.P., Kimble, G.A.: Recognition memory for words and pictures at short and long retention intervals. Mem. Cogn. 4(3), 256–260 (1976)
De Angeli, A., Coventry, L., Johnson, G., Renaud, K.: Is a picture really worth a thousand words? Exploring the feasibility of graphical authentication systems. Int. J. Hum Comput Stud. 63(1–2), 128–152 (2005)
Crutcher, R.J., Beer, J.M.: An auditory analog of the picture superiority effect. Mem. Cogn. 39(1), 63–74 (2014)
Gloede, M.E., Paulauskas, E.E., Gregg, M.K.: Experience and information loss in auditory and visual memory. Q. J. Exp. Psychol. 70(7), 1344–1352 (2017)
Oates, J.M., Reder, L.M.: Memory for pictures: sometimes a picture is not worth a single word. In: Benjamin, A.S. (ed.) Successful Remembering and Successful Forgetting: A Festschrift in Honor of Robert A. Bjork, pp. 447–462 (2010)
Ho, Y.L., Azman, A., Lau, S.H.: An analysis of graphical user authentication systems. In: 9th International Conference on IT in Asia (CITA 2015) (2015)
Ho, Y.L., Bendrissou, B., Azman, A., Lau, S.H.: BlindLogin: a graphical authentication system with support for blind and visually impaired users on smartphones. Am. J. Appl. Sci. 14, 551–559 (2017)
Dhamija, R., Perrig, A.: Déjà Vu : a user study using images for authentication. In: Human Factors (2000)
Brostoff, S., Sasse, M.A.: Are passfaces more usable than passwords? Field Trial Invest. HCI 2000, 1–20 (2000)
Jansen, W., Gavrila, S., Korolev, V., Ayers, R., Swanstrom, R.: Picture password: a visual login technique for mobile devices. NISTIR 7030 (2003)
Wiedenbeck, S., Waters, J., Birget, J.-C., Brodskiy, A., Memon, N.: Authentication using graphical passwords : effects of tolerance and image choice. In: Proceedings of the 2005 Symposium on Usable Privacy and Security (SOUPS 2005), pp. 1–12 (2005)
Yampolskiy, R.V.: User authentication via behavior based passwords. In: Systems, Applications and Technology Conference, 2007. LISAT 2007. IEEE Long Island, pp. 1–8 (2007)
Stobert, E., Forget, A., Chiasson, S., Van Oorschot, P.C., Biddle, R.: Exploring usability effects of increasing security in click-based graphical passwords. In: ACSAC 2010, pp. 79–88 (2010)
Liu, X., Qiu, J., Ma, L., Gao, H., Ren, Z.: A novel cued-recall graphical password scheme. In: 2011 Sixth International Conference on Image and Graphics, pp. 949–956 (2011)
Sun, H.-M., Chen, Y.-H., Fang, C.-C., Chang, S.-Y.: PassMap: a map based graphical-password authentication system categories and subject descriptors. In: ASIACCS 2012, pp. 2–6 (2012)
Jermyn, I., Mayer, A., Monrose, F., Reiter, M.K., Rubin, A.D.: The design and analysis of graphical passwords. In: Proceedings of the 8th USENIX Security Symposium (1999)
Tao, H.: Pass-Go, a new graphical password scheme. Master’s thesis, School of Information Technology and Engineering, University of Ottawa (2006)
Chakrabarti, S., Landon, G.V., Singal, M.: Graphical passwords: drawing a secret with rotation as a new degree of freedom. In: Proceedings of the Fourth IASTED Asian Conference on Communication Systems and Networks (AsiaCSN 2007), pp. 114–120 (2007)
Marchetto, J.: pinPass.js: Easy to Use, Easy to Deploy Graphical Passwords, pp. 3–5 (n.d.)
Mahansaria, D., Shyam, S., Samuel, A., Teja, R.: A fast and secure software solution [SS7.0] that counters shoulder surfing attack. In: Proceedings of the 13th IASTED International Conference Software Engineering and Applications (SEA 2009), pp. 190–195 (2009)
Zheng, Z., Liu, X., Yin, L., Liu, Z.: A hybrid password authentication scheme based on shape and text. J. Comput. 5(5), 765–772 (2010)
Imran, Z., Nizami, R.: Advance secure login. Int. J. Sci. Res. Publ. 1(1), 1–4 (2011)
Chen, Y.-L., Ku, W.-C., Yeh, Y.-C., Liao, D.-M.: A simple text-based shoulder surfing resistant graphical password scheme. In: 2013 International Symposium on Next-Generation Electronics, pp. 161–164 (2013)
Bonneau, J., Herley, C., Van Oorschot, P.C., Stajano, F.: The quest to replace passwords: a framework for comparative evaluation of web authentication schemes. In: 2012 IEEE Symposium on Security and Privacy (SP), pp. 553–567 (2012)
Bonner, M.N., Brudvik, J.T., Abowd, G.D., Edwards, W.K.: No-look notes: accessible eyes-free multi-touch text entry. In: Floréen, P., Krüger, A., Spasojevic, M. (eds.) Pervasive 2010. LNCS, vol. 6030, pp. 409–426. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-12654-3_24
Grussenmeyer, W., Folmer, E.: Accessible touchscreen technology for people with visual impairments: a survey. J. ACM Trans. Accessible Comput. (TACCESS) 9(2), Article no. 6 (2017)
Chiasson, S., Biddle, R., van Oorschot, P.C.: A second look at the usability of click-based graphical passwords. In: Symposium on Usable Privacy and Security (SOUPS) 2007, pp. 1–12 (2007)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Ho, Y.L., Lau, S.H., Azman, A. (2020). Comparison Between BlindLogin and Other Graphical Password Authentication Systems. In: Anbar, M., Abdullah, N., Manickam, S. (eds) Advances in Cyber Security. ACeS 2019. Communications in Computer and Information Science, vol 1132. Springer, Singapore. https://doi.org/10.1007/978-981-15-2693-0_17
Download citation
DOI: https://doi.org/10.1007/978-981-15-2693-0_17
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-2692-3
Online ISBN: 978-981-15-2693-0
eBook Packages: Computer ScienceComputer Science (R0)