Use this URL to cite or link to this record in EThOS: http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.616458
Title: Empirical approach towards investigating usability, guessability and social factors affecting graphical based passwords security
Author: Jebriel, Salem Meftah
ISNI:       0000 0004 5347 4939
Awarding Body: University of Glasgow
Current Institution: University of Glasgow
Date of Award: 2014
Availability of Full Text:
Access from EThOS:
Access from Institution:
Abstract:
This thesis investigates the usability and security of recognition-based graphical authentication schemes in which users provide simple images. These images can either be drawn on paper and scanned into the computer, or alternatively, they can be created with a computer paint program. In our first study, looked at how culture and gender might affect the types of images drawn. A large number of simple drawings were provided by Libyan, Scottish and Nigerian participants and then divided into categories. Our research found that many doodles (perhaps as many as 20%) contained clues about the participants’ own culture or gender. This figure could be reduced by providing simple guidelines on the types of drawings which should be avoided. Our second study continued this theme and asked the participants to try to guess the culture of the person who provided the image. This provided examples of easily guessable and harder to guess images. Our third study we built a system to automatically register simple images provided by users. This involved creating a website where the users could register their images and which they could later login to. Image analysis software was also written which corrected any mistakes the user might make when scanning in their images or using the Paint program. This research showed that it was possible to build an automatic registration system, and that users preferred using a paint tool rather than drawing on paper and then scanning in the drawing. This study also exposed poor security in some user habits, since many users kept their drawings or image files. This research represents one of the first studies of interference effects where users have to choose two different graphical passwords. Around half of the users provided very similar set of drawings. The last study conducted an experiment to find the best way of avoiding ‘shoulder surfing’ attacks to security when selecting simple images during the login stage. Pairs of participants played the parts of the observer and the user logging in. The most secure approaches were selecting using a single keystroke and selecting rows and columns with two key strokes.
Supervisor: Not available Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.616458  DOI: Not available
Keywords: QA75 Electronic computers. Computer science ; QA76 Computer software
Share: