Investigating the Combination of Text and Graphical Passwords for a more secure and usable experience

C Singh 1 , L Singh 2 1 Chandrashekar Singh Chandrashekar1990@hotmail.com 2 Lenandlar Singh Lecturer, University of Guyana lenandlar.singh@uog.edu.gy Security has been an issue from the inception of computer systems and experts have related security issues with usability. Secured systems must be usable to maintain intended security. Password Authentication Systems have either been usable and not secure, or secure and not usable. Increasing either tends to complicate the other. Text passwords are widely used but suffer from poor usability, reducing its security. Graphical Passwords, while usable, does not seem to have the security necessary to replace text passwords. Attempts using text or graphics only have mixed results. A combination password is proposed as a potential solution to the problem. This paper explores combination as a means of solving this password problem. We implemented three password systems: Text only, Graphics only and a Combination of Text and Graphics. Remote evaluations were conducted with 105 computer science students. Results from our evaluations, though not conclusive, suggest promise for combination passwords.

[1]  Tadayoshi Kohno,et al.  A comprehensive study of frequency, interference, and training of multiple graphical passwords , 2009, CHI.

[2]  Patrick Olivier,et al.  Securing passfaces for description , 2008, SOUPS '08.

[3]  Alexander De Luca,et al.  A privacy-respectful input method for public terminals , 2008, NordiCHI.

[4]  Cheryl V. Hinds,et al.  Increasing security and usability of computer systems with graphical passwords , 2007, ACM-SE 45.

[5]  Paul C. van Oorschot,et al.  TwoStep: An Authentication Method Combining Text and Graphical Passwords , 2009, MCETECH.

[6]  Robert Biddle,et al.  A second look at the usability of click-based graphical passwords , 2007, SOUPS '07.

[7]  Robert Biddle,et al.  Graphical Password Authentication Using Cued Click Points , 2007, ESORICS.

[8]  Sonia Chiasson,et al.  Usable authentication and click-based graphical passwords , 2009 .

[9]  Nasir D. Memon,et al.  Modeling user choice in the PassPoints graphical password scheme , 2007, SOUPS '07.

[10]  Mary Ellen Zurko User-centered security: stepping up to the grand challenge , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[11]  Karen Renaud,et al.  Armchair authentication , 2009, BCS HCI.

[12]  Alain Forget,et al.  Influencing users towards better passwords: persuasive cued click-points , 2008, BCS HCI.

[13]  Jerome H. Saltzer,et al.  The protection of information in computer systems , 1975, Proc. IEEE.

[14]  Lorrie Faith Cranor,et al.  Human selection of mnemonic phrase-based passwords , 2006, SOUPS '06.

[15]  Nicolas Christin,et al.  Use Your Illusion: secure authentication usable anywhere , 2008, SOUPS '08.

[16]  Nasir D. Memon,et al.  PassPoints: Design and longitudinal evaluation of a graphical password system , 2005, Int. J. Hum. Comput. Stud..