Over-the-Shoulder Attack Resistant Graphical Authentication Schemes Impact on Working Memory

Abstract

Alphanumeric passwords are the most commonly employed authentication scheme. However, technical security requirements often make alphanumeric authentication difficult to use. Researchers have developed graphical authentication schemes to help strike a balance between security requirements and usability. However, replacing characters with pictures has introduced both negative (security vulnerabilities) and positive (memorability benefits) outcomes. We are aware of the noteworthy long-term memory advantages of graphical passcodes, but little is known about the impact on users’ limited working memory resources. Authentication is always a secondary task, which probably consumes working memory. This pilot study examines the impact graphical authentication schemes (Convex-Hull Click; Use Your Illusion; What You See is Where you Enter) have on working memory (Verbal; Spatial; Central Executive). Our findings suggest that graphical authentication schemes impact on working memory varies. This work shows that further investigation is needed to understand the complex relationship between scheme design and working memory.