A Study of Mnemonic Image Passwords

Chowdhury, S., Poet, R. and Mackenzie, L. (2014) A Study of Mnemonic Image Passwords. In: 2014 Twelfth Annual International Conference on Privacy, Security and Trust, Toronto, ON, Canada, 23-24 Jul 2014, pp. 207-214. ISBN 9781479935031 (doi: 10.1109/PST.2014.6890941)

Full text not currently available from Enlighten.


Existing studies in the field of graphical authentication systems (GASs) have shown that users find it difficult to remember multiple image passwords. In this context, it is believed that memorability can be improved if target images making up a graphical password are selected using a mnemonic strategy during the registration stage. We conducted a usability study with 80 subjects, who were required to create four graphical passwords, each using a mnemonic strategy and recall them every week, for a period of four weeks. The results demonstrated that the memorability of the image passwords created using a mnemonic strategy do not improve even when compared to the existing multiple password studies. Hence remembering multiple image passwords using mnemonic strategies is a mentally demanding task. A guessability study was conducted with 70 participants to examine the vulnerability of image passwords to written descriptions. The analysis of the descriptions revealed that most passwords created in the usability study were described by the account holders using annotated/ non annotated sketch of the target images making up a password. This made all the passwords highly guessable. Based on our results we propose a hint-based authentication system, which can improve the memorability of graphical passwords and also provide adequate security. But the usability as well as security of the proposed system needs to be tested before it could be adopted in practice.

Item Type:Conference Proceedings
Keywords:Authorisation, image registration, GAS, graphical authentication systems, graphical password, guessability study, hint-based authentication system, image sketch, memorability, mnemonic image passwords, mnemonic strategy, usability study, art, authentication, educational institutions, electronic mail, image recognition, graphical passwords, guesssability, mnemonic strategy, usability.
Glasgow Author(s) Enlighten ID:Mackenzie, Dr Lewis and Poet, Dr Ron and Chowdhury, Soumyadeb
Authors: Chowdhury, S., Poet, R., and Mackenzie, L.
College/School:College of Science and Engineering > School of Computing Science

University Staff: Request a correction | Enlighten Editors: Update this record