Use this URL to cite or link to this record in EThOS: http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.586822
Title: An ecologically valid evaluation of an observation-resilient graphical authentication mechanism
Author: Maguire, Joseph Noel
Awarding Body: University of Glasgow
Current Institution: University of Glasgow
Date of Award: 2013
Availability of Full Text:
Access through EThOS:
Access through Institution:
Abstract:
Alphanumeric authentication, by means of a secret, is not only a powerful mechanism, in theory, but prevails over all its competitors in reality. Passwords, as they are more commonly known, have the potential to act as a fairly strong gateway. In practice, though, password usage is problematic. They are (1) easily shared, (2) trivial to observe and (3) maddeningly elusive when forgotten. Moreover, modern consumer devices only exacerbate the problems of passwords as users enter them in shared spaces, in plain view, on television screens, on smartphones and on tablets. Asterisks may obfuscate alphanumeric characters on entry but popular systems, e.g. Apple iPhone and Nintendo Wii, require the use of an on-screen keyboard for character input. ! ! A number of alternatives to passwords have been proposed but none, as yet, have been adopted widely. There seems to be a reluctance to switch from tried and tested passwords to novel alternatives, even if the most glaring flaws of passwords can be mitigated. One argument is that there has not been sufficient investigation into the feasibility of the password alternatives and thus no convincing evidence that they can indeed act as a viable alternative. ! ! Graphical authentication mechanisms, solutions that rely on images rather than characters, are a case in point. Pictures are more memorable than the words that name them, meaning that graphical authentication mitigates one of the major problems with passwords. This dissertation sets out to investigate the feasibility of one particular observation-resilient graphical authentication mechanism called Tetrad. The authentication mechanism attempted to address two of the core problems with passwords: improved memorability and resistance to observability (with on-screen entry).! ! Tetrad was tested in a controlled lab study, that delivered promising results and was well received by the evaluators. It was then deployed in a realistic context and its viability tested in three separate field tests. The unfortunate conclusion was that Tetrad, while novel and viable in a lab setting, failed to deliver a usable and acceptable experience to the end users. This thorough testing of an alternative authentication mechanism is unusual in this research field and the outcome is disappointing. Nevertheless, it acts to inform inventors of other authentication mechanisms of the problems that can manifest when a seemingly viable authentication mechanism is tested in the wild.
Supervisor: Not available Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.586822  DOI: Not available
Keywords: QA75 Electronic computers. Computer science
Share: