Graphical Authentication Schemes: Balancing Amount of Image Distortion

Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 782)


Graphical authentication schemes offer a more memorable alternative to conventional passwords. One common criticism of graphical passcodes is the risk for observability by unauthorized onlookers. This type of threat is referred to as an Over-the-Shoulder Attack (OSA). A strategy to prevent casual OSAs is to distort the images, making them difficult for onlookers to recognize. Critically, the distortion should not harm legitimate users’ ability to recognize their passcode images. If designers select the incorrect amount of distortion, the passcode images could become vulnerable to attackers or images could become unrecognizable by users rendering the system useless for authentication. We suggest graphical authentication designers can distort images at brushstroke size 10 for a 112 × 90-pixel image to maintain user recognition and decrease casual OSAs. Also, we present mathematical equations to explicitly communicate the image distortion process to facilitate implementation of this OSA resistant approach.


Graphical authentication Cybersecurity Distorted images 


  1. 1.
    Hayashi, E., Dhamija, R., Christin, N., Perrig, A.: Use your illusion: secure authentication usable anywhere. In: Proceedings of the 4th Symposium on Usable Privacy and Security, pp. 35–45 (2008)Google Scholar
  2. 2.
    Leu, E.: Authentication Trends for 2017, 8 June 2017. Upwork Global Inc.: Accessed 20 Sept 2017
  3. 3.
    Yan, J., Blackwell, A., Anderson, R., Grant, A.: Password memorability and security: empirical results. IEEE Secur. Priv. 2(5), 25–31 (2004)CrossRefGoogle Scholar
  4. 4.
    Still, J.D., Cain, A., Schuster, D.: Human-centered authentication guidelines. Inf. Comput. Secur. 25(4), 437–453 (2017)Google Scholar
  5. 5.
    Grawemeyer, B., Johnson, H.: Using and managing multiple passwords: a week to a view. Interact. Comput. 23(3), 256–267 (2011)CrossRefGoogle Scholar
  6. 6.
    Paivio, A.: Imagery and Verbal Processes. Psychology Press, London (2013)Google Scholar
  7. 7.
    Cain, A.A., Still, J.D.: A rapid serial visual presentation method for graphical authentication. In: Nicholson, D. (ed.) Advances in Human Factors in Cybersecurity, pp. 3–11. Springer, Cham (2016)CrossRefGoogle Scholar
  8. 8.
    Sasamoto, H., Christin, N., Hayashi, E.: Undercover: authentication usable in front of prying eyes. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 183–192. ACM, April 2008Google Scholar
  9. 9.
    English, R., Poet, R.: The effectiveness of intersection attack countermeasures for graphical passwords. In: 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 1–8. IEEE, June 2012Google Scholar
  10. 10.
    Gregory, R.: The Intelligent Eye. McGraw-Hill Book Company, New York City (1970)Google Scholar
  11. 11.
    Santhosh, G.: Oil Paint Effect: Implementation of Oil Painting Effect on an Image, 20 October 2012. Code
  12. 12.
    Hardelin, J., Joost, R., Claussner, S.: GNU Image Manipulation Program User Manual, 29 September 2016.
  13. 13.
    Hummel, R.: Image Enhancement by Histogram Transformation (No. TR-411). Maryland University College Park Computer Science Center (1975)Google Scholar
  14. 14.
    Sonka, M., Hlavac, V., Boyle, R.: Image Processing, Analysis, and Machine Vision. Cengage Learning, Stamford (2014)Google Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2019

Authors and Affiliations

  1. 1.Department of Psychology, Psychology of Design LaboratoryOld Dominion UniversityVirginiaUSA

Personalised recommendations