Type of Publication: Article in Collected Edition

Graphical Passwords in the Wild: Understanding How Users Choose Pictures and Passwords in Image-based Authentication Schemes

Author(s):

Florian Alt, Stefan Schneegass; Alireza Sahami Shirazi, Mariam Hassib; Bulling, Andreas

Title of Anthology:

Proceedings of the 17th International Conference on Human-Computer Interaction with Mobile Devices and Services (MobileHCI '15)

pages:

316-322

Publisher:

ACM

Location(s):

New York, USA

Publication Date:

2015

ISBN:

978-1-4503-3652-9

Digital Object Identifier (DOI):

doi:10.1145/2785830.2785882

Citation:

Download BibTeX

Abstract

Common user authentication methods on smartphones, such as lock patterns, PINs, or passwords, impose a trade-off between security and password memorability. Image-based passwords were proposed as a secure and usable alternative. As of today, however, it remains unclear how such schemes are used in the wild. We present the first study to investigate how image-based passwords are used over long periods of time in the real world. Our analyses are based on data from 2318 unique devices collected over more than one year using a custom application released in the Android Play store. We present an in-depth analysis of what kind of images users select, how they define their passwords, and how secure these passwords are. Our findings provide valuable insights into real-world use of image-based passwords and inform the design of future graphical authentication schemes.