Increasing security and usability of computer systems with graphical passwords

Abstract

To gain access to computer systems, users are required to be authenticated. This is usually accomplished by having the user enter an alphanumeric username and password. Users are usually required to remember multiple passwords for different systems and this poses such problems as usability, memorabilty and secuurity. Passwords are usually difficult to remember and users have developed their own methods some of which are not secure of selecting passwords which are easy to remember.In this research we developed a secure and usable password system which addresses the memorability problem. In our system users are required to remember three cartoon images which we demonstrate is easier to recall than a typical secure text password. This system is shown to be secure based on the probability of guessing a password and on the likelihood of an observer shoulder surfing the password and on the difficulty of launching a brute force attack against a graphical image system.Our work demonstrates that security and usability can be achieved simultaneously. It lays the foundation for developing a class of similar password systems, differing only in the degree of security required. Our password system with its low memory requirements can be used in a wide array of applications.