Evaluation of recognition-based graphical password schemes in terms of usability and security attributes

Abstract

User Authentication is a critical component in information security. Several widely used mechanisms for security to protect services from illegal access include alphanumerical usernames passwords. However, there are several drawbacks attached in this method. For instance, the users themselves usually those passwords that are easy to guess. As difficult passwords are difficult to recall. A new alternative is the graphic-based password and there has been a growing trend in the use of such a password. The human psychology study reveals that humans find it easier to remember pictures as opposed to words. There are two main aspects to the graphical password scheme, namely security and usability. This study comprises of a comprehensive research in the current Recognition-Based graphical password schemes. The common usability attributes and possible attacks on the Recognition-Based graphical password are reviewed, identified and examined in detail. There are several previous surveys on the graphical passwords. The latest research review and summarize graphical password systems concisely and at the same time, analyze usability features for every design. However it was found that there is not a single method that has the most resounding usability attributes. Therefore, this research suggests a set of usability attributes that can be applied into a single Recognition-Based graphical password system. In addition, this study examines and compares success rates on login, login time and memorability of existing systems which are the usability measures most often reported in user studies of graphical passwords. Lastly, a comparison table is revealed to put forth the limitations and strengths of each approach in terms of security and usability.