Guidelines for designing graphical authentication mechanism interfaces

Renaud, K. (2009) Guidelines for designing graphical authentication mechanism interfaces. International Journal of Information and Computer Security, 3(1), pp. 60-85. (doi:10.1504/IJICS.2009.026621)

Full text not currently available from Enlighten.

Abstract

The password era is drawing to a close. The latest technology is being released without keyboards, which makes password entry insecure and arduous. Furthermore, everyone is straining under the burden of multiple passwords and Personal Identification Numbers (PINs), and a viable knowledge-based alternative is urgently required. In the last few years a number of innovative graphical authentication mechanisms, which use pictures instead of alphanumeric strings, have been proposed. There is long-standing evidence that people remember pictures far better than they remember alphanumeric strings, so in terms of easing the memory load, pictures seem to offer a viable alternative. However, what is emerging from current research is that the design of such a graphical authentication mechanism interface can either make or break it, both in terms of security and usability. This paper will discuss various design options and make recommendations about how such systems should be designed in order to make them maximally efficacious while considering the level of risk associated with the resource being protected by the mechanism.

Item Type:Articles
Status:Published
Refereed:Yes
Glasgow Author(s) Enlighten ID:Renaud, Professor Karen
Authors: Renaud, K.
College/School:College of Science and Engineering > School of Computing Science
Journal Name:International Journal of Information and Computer Security
ISSN:1744-1765
ISSN (Online):1744-1773

University Staff: Request a correction | Enlighten Editors: Update this record