Skip to content
Licensed Unlicensed Requires Authentication Published by Oldenbourg Wissenschaftsverlag January 14, 2020

CogniPGA: Longitudinal Evaluation of Picture Gesture Authentication with Cognition-Based Intervention

  • Christina Katsini

    Christina Katsini is a Ph.D. Candidate at the University of Patras, Greece. Her interests lie in understanding how people interact with systems and services, and in designing for the people with the people. In her Ph.D. research, she is investigating user choices in graphical user authentication from a human cognitive perspective.

    EMAIL logo
    , Nikolaos Avouris

    Nikolaos Avouris (MSc, Ph.D., https://sites.google.com/view/avouris) is an electrical and computer engineer with a research interest in human-computer interaction. He is a Professor of Software Technology and Human-Computer Interaction in Electrical and Computer Engineering Department of University of Patras, Greece. He is Head of Interactive Technologies Lab and HCI Group.

    and Christos Fidas

    Christos Fidas (Ph.D., http://cfidas.info) is an electrical and computer engineer, and senior researcher with an interest in cultural heritage informatics, usable and secure information systems, and human socio-cultural and cognitive factors. He is an Assistant Professor at the Department of Cultural Heritage Management and New Technologies, University of Patras, Greece.

From the journal i-com

Abstract

There is evidence that the visual behavior of users when creating graphical passwords affects the password strength. Adopting a cognitive style perspective in the interpretation of the results of recent studies revealed that users, depending on their cognitive style, follow different visual exploration paths when creating graphical passwords which affected the password strength. To take advantage of the inherent abilities of people, we proposed CogniPGA, a cued-recall graphical authentication scheme where a cognition-based intervention using gaze data is applied. This paper presents the longitudinal evaluation of the proposed scheme in terms of security, memorability, and usability from a cognitive style perspective. Results strengthen the assumptions that understanding and using the inherent cognitive characteristics of users could enable the design of user-first authentication schemes, where no compromises need to be made on security for benefiting usability or the other way around.

Award Identifier / Grant number: 617

Funding statement: This research was supported by the General Secretariat for Research and Technology (GSRT) and the Hellenic Foundation for Research and Innovation (HFRI) – 1st Proclamation of Scholarships for PhD Candidates / Code: 617.

About the authors

Christina Katsini

Christina Katsini is a Ph.D. Candidate at the University of Patras, Greece. Her interests lie in understanding how people interact with systems and services, and in designing for the people with the people. In her Ph.D. research, she is investigating user choices in graphical user authentication from a human cognitive perspective.

Nikolaos Avouris

Nikolaos Avouris (MSc, Ph.D., https://sites.google.com/view/avouris) is an electrical and computer engineer with a research interest in human-computer interaction. He is a Professor of Software Technology and Human-Computer Interaction in Electrical and Computer Engineering Department of University of Patras, Greece. He is Head of Interactive Technologies Lab and HCI Group.

Christos Fidas

Christos Fidas (Ph.D., http://cfidas.info) is an electrical and computer engineer, and senior researcher with an interest in cultural heritage informatics, usable and secure information systems, and human socio-cultural and cognitive factors. He is an Assistant Professor at the Department of Cultural Heritage Management and New Technologies, University of Patras, Greece.

Acknowledgment

We would like to thank all the participants who took part in our study. Special thanks goes to the teaching staff of the two laboratories for their excellent cooperation.

References

[1] Yasemin Acar, Michael Backes, Sascha Fahl, Simson Garfinkel, Doowon Kim, Michelle L. Mazurek and Christian Stransky, Comparing the Usability of Cryptographic APIs, in: 2017 IEEE Symposium on Security and Privacy (SP), pp. 154–171, May 2017.10.1109/SP.2017.52Search in Google Scholar

[2] Florian Alt, Stefan Schneegass, Alireza Sahami Shirazi, Mariam Hassib and Andreas Bulling, Graphical Passwords in the Wild: Understanding How Users Choose Pictures and Passwords in Image-based Authentication Schemes, in: Proceedings of the 17th International Conference on Human-Computer Interaction with Mobile Devices and Services, MobileHCI ’15, pp. 316–322, ACM, New York, NY, USA, 2015.10.1145/2785830.2785882Search in Google Scholar

[3] Florian Alt, Mateusz Mikusz, Stefan Schneegass and Andreas Bulling, Memorability of Cued-recall Graphical Passwords with Saliency Masks, in: Proceedings of the 15th International Conference on Mobile and Ubiquitous Multimedia, MUM ’16, pp. 191–200, ACM, New York, NY, USA, 2016.10.1145/3012709.3012730Search in Google Scholar

[4] Charoula Angeli, Nicos Valanides and Paul Kirschner, Field Dependence–Independence and Instructional-Design Effects on Learners’ Performance with a Computer-Modeling Tool, Computers in Human Behavior 25 (2009), 1355–1366.10.1016/j.chb.2009.05.010Search in Google Scholar

[5] Nalin Asanka Gamagedara Arachchilage, Steve Love and Konstantin Beznosov, Phishing Threat Avoidance Behaviour: An Empirical Investigation, Computers in Human Behavior 60 (2016), 185–197.10.1016/j.chb.2016.02.065Search in Google Scholar

[6] Steven J. Armstrong, Eva Cools and Eugene Sadler-Smith, Role of Cognitive Styles in Business and Management: Reviewing 40 Years of Research, International Journal of Management Reviews 14 (2012), 238–262.10.1111/j.1468-2370.2011.00315.xSearch in Google Scholar

[7] Adam J. Aviv, Devon Budzitowski and Ravi Kuber, Is Bigger Better? Comparing User-Generated Passwords on 3×3 vs. 4×4 Grid Sizes for Android’s Pattern Unlock, in: Proceedings of the 31st Annual Computer Security Applications Conference, ACSAC 2015, pp. 301–310, ACM, New York, NY, USA, 2015.10.1145/2818000.2818014Search in Google Scholar

[8] Marios Belk, Christos Fidas, Panagiotis Germanakos and George Samaras, The Interplay Between Humans, Technology and User Authentication, Computers in Human Behavior 76 (2017), 184–200.10.1016/j.chb.2017.06.042Search in Google Scholar

[9] Marios Belk, Christos Fidas, Christina Katsini, Nikolaos Avouris and George Samaras, Effects of Human Cognitive Differences on Interaction and Visual Behavior in Graphical User Authentication, in: Human-Computer Interaction – INTERACT 2017 (Regina Bernhaupt, Girish Dalvi, Anirudha Joshi, Devanuj K. Balkrishan, Jacki O’Neill and Marco Winckler, eds.), pp. 287–296, Springer International Publishing, Cham, 2017.10.1007/978-3-319-67687-6_19Search in Google Scholar

[10] Shlomo Berkovsky, Ronnie Taib, Irena Koprinska, Eileen Wang, Yucheng Zeng, Jingjie Li and Sabina Kleitman, Detecting Personality Traits Using Eye-Tracking Data, in: Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems, CHI ’19, pp. 221:1–221:12, ACM, New York, NY, USA, 2019.10.1145/3290605.3300451Search in Google Scholar

[11] Andrea Bianchi, Ian Oakley and Hyoungshick Kim, PassBYOP: Bring Your Own Picture for Securing Graphical Passwords, IEEE Transactions on Human-Machine Systems 46 (2016), 380–389.10.1109/THMS.2015.2487511Search in Google Scholar

[12] Robert Biddle, Mohammad Mannan, Paul C. van Oorschot and Tara Whalen, User Study, Analysis, and Usable Security of Passwords Based on Digital Objects, IEEE Transactions on Information Forensics and Security 6 (2011), 970–979.10.1109/TIFS.2011.2116781Search in Google Scholar

[13] Robert Biddle, Sonia Chiasson and Paul C. van Oorschot, Graphical Passwords: Learning from the First Twelve Years, ACM Computing Surveys 44 (2012), 19:1–19:41.10.1145/2333112.2333114Search in Google Scholar

[14] John Brooke, SUS - A Quick and Dirty Usability Scale, Usability Evaluation in Industry (Patrick W. Jordan, Bruce Thomas, Bernard A. Weerdmeester and Ian L. McClelland, eds.), Taylor & Francis, London, UK, 1996.Search in Google Scholar

[15] Sacha Brostoff and M. Angela Sasse, Are Passfaces More Usable Than Passwords? A Field Trial Investigation, in: People and Computers XIV – Usability or Else! (Sharon McDonald, Yvonne Waern and Gilbert Cockton, eds.), pp. 405–424, Springer London, London, 2000.10.1007/978-1-4471-0515-2_27Search in Google Scholar

[16] Andreas Bulling, Florian Alt and Albrecht Schmidt, Increasing the Security of Gaze-based Cued-recall Graphical Passwords Using Saliency Masks, in: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI ’12, pp. 3011–3020, ACM, New York, NY, USA, 2012.10.1145/2207676.2208712Search in Google Scholar

[17] Hsin-Yi Chiang and Sonia Chiasson, Improving User Authentication on Mobile Devices: A Touchscreen Graphical Password, in: Proceedings of the 15th International Conference on Human-computer Interaction with Mobile Devices and Services, MobileHCI ’13, pp. 251–260, ACM, New York, NY, USA, 2013.10.1145/2493190.2493213Search in Google Scholar

[18] Sonia Chiasson, Robert Biddle and Paul C. van Oorschot, A Second Look at the Usability of Click-based Graphical Passwords, in: Proceedings of the 3rd Symposium on Usable Privacy and Security, SOUPS ’07, pp. 1–12, ACM, New York, NY, USA, 2007.10.1145/1280680.1280682Search in Google Scholar

[19] Sonia Chiasson, Paul C. van Oorschot and Robert Biddle, Graphical Password Authentication Using Cued Click Points, in: Computer Security – ESORICS 2007 (Joachim Biskup and Javier López, eds.), pp. 359–374, Springer Berlin Heidelberg, Berlin, Heidelberg, 2007.10.1007/978-3-540-74835-9_24Search in Google Scholar

[20] Sonia Chiasson, Alain Forget, Robert Biddle and Paul C. van Oorschot, Influencing Users Towards Better Passwords: Persuasive Cued Click-points, in: Proceedings of the 22Nd British HCI Group Annual Conference on People and Computers: Culture, Creativity, Interaction - Volume 1, BCS-HCI ’08, pp. 121–130, British Computer Society, Swinton, UK, UK, 2008.10.14236/ewic/HCI2008.12Search in Google Scholar

[21] Sonia Chiasson, Alain Forget, Elizabeth Stobert, Paul C. van Oorschot and Robert Biddle, Multiple Password Interference in Text Passwords and Click-based Graphical Passwords, in: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS ’09, pp. 500–511, ACM, New York, NY, USA, 2009.10.1145/1653662.1653722Search in Google Scholar

[22] Sonia Chiasson, Elizabeth Stobert, Alain Forget, Robert Biddle and Paul C. van Oorschot, Persuasive cued click-points: Design, implementation, and evaluation of a knowledge-based authentication mechanism, IEEE Transactions on Dependable and Secure Computing 9 (2012), 222–235.10.1109/TDSC.2011.55Search in Google Scholar

[23] Soumyadeb Chowdhury, Ron Poet and Lewis Mackenzie, A Comprehensive Study of the Usability of Multiple Graphical Passwords, in: Human-Computer Interaction – INTERACT 2013 (Paula Kotzé, Gary Marsden, Gitte Lindgaard, Janet Wesson and Marco Winckler, eds.), pp. 424–441, Springer Berlin Heidelberg, Berlin, Heidelberg, 2013.10.1007/978-3-642-40477-1_26Search in Google Scholar

[24] Gradeigh D. Clark, Janne Lindqvist and Antti Oulasvirta, Composition Policies for Gesture Passwords: User Choice, Security, Usability and Memorability, in: 2017 IEEE Conference on Communications and Network Security (CNS), pp. 1–9, IEEE, October 2017.Search in Google Scholar

[25] Darren Davis, Fabian Monrose and Michael K. Reiter, On User Choice in Graphical Password Schemes, in: Proceedings of the 13th Conference on USENIX Security Symposium - Volume 13, SSYM’04, pp. 151–164, USENIX Association, Berkeley, CA, USA, 2004.Search in Google Scholar

[26] Antonella De Angeli, Mike Coutts, Lynne Coventry, Graham I. Johnson, David Cameron and Martin H. Fischer, VIP: A Visual Approach to User Authentication, in: Proceedings of the Working Conference on Advanced Visual Interfaces, AVI ’02, pp. 316–323, ACM, New York, NY, USA, 2002.10.1145/1556262.1556312Search in Google Scholar

[27] Antonella De Angeli, Lynne Coventry, Graham Johnson and Karen Renaud, Is a Picture Really Worth a Thousand Words? Exploring the Feasibility of Graphical Authentication Systems, International Journal of Human-Computer Studies 63 (2005), 128–152.10.1016/j.ijhcs.2005.04.020Search in Google Scholar

[28] Rachna Dhamija and Adrian Perrig, DéJà Vu: A User Study Using Images for Authentication, in: Proceedings of the 9th Conference on USENIX Security Symposium - Volume 9, SSYM’00, pp. 45–58, USENIX Association, Berkeley, CA, USA, 2000.Search in Google Scholar

[29] Paul Dunphy and Jeff Yan, Do Background Images Improve “Draw a Secret” Graphical Passwords?, in: Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS ’07, pp. 36–47, ACM, New York, NY, USA, 2007.10.1145/1315245.1315252Search in Google Scholar

[30] Paul Dunphy, Andreas P. Heiner and N. Asokan, A Closer Look at Recognition-based Graphical Passwords on Mobile Devices, in: Proceedings of the Sixth Symposium on Usable Privacy and Security, SOUPS ’10, pp. 3:1–3:12, ACM, New York, NY, USA, 2010.Search in Google Scholar

[31] Rosanne English and Ron Poet, Measuring the Revised Guessability of Graphical Passwords, in: 2011 5th International Conference on Network and System Security, pp. 364–368, September 2011.10.1109/ICNSS.2011.6060031Search in Google Scholar

[32] Yannick Forster, Frederik Naujoks and Alexandra Neukum, Your Turn or My Turn?: Design of a Human-Machine Interface for Conditional Automation, in: Proceedings of the 8th International Conference on Automotive User Interfaces and Interactive Vehicular Applications, Automotive’UI 16, pp. 253–260, ACM, New York, NY, USA, 2016.10.1145/3003715.3005463Search in Google Scholar

[33] Enrique Frias-Martinez, Sherry Y. Chen and Xiaohui Liu, Evaluation of a Personalized Digital Library based on Cognitive Styles: Adaptivity vs. Adaptability, International Journal of Information Management 29 (2009), 48–56.10.1016/j.ijinfomgt.2008.01.012Search in Google Scholar

[34] Markus Funk, Karola Marky, Iori Mizutani, Mareike Kritzler, Simon Mayer and Florian Michahelles, LookUnlock: Using Spatial-Targets for User-Authentication on HMDs, in: Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems, CHI EA ’19, pp. LBW0114:1–LBW0114:6, ACM, New York, NY, USA, 2019.10.1145/3290607.3312959Search in Google Scholar

[35] Haichang Gao, Zhongjie Ren, Xiuling Chang, Xiyang Liu and Uwe Aickelin, A New Graphical Password Scheme Resistant to Shoulder-Surfing, in: 2010 International Conference on Cyberworlds, pp. 194–199, IEEE, October 2010.Search in Google Scholar

[36] Ceenu George, Mohamed Khamis, Emanuel von Zezschwitz, Marinus Burger, Henri Schmidt, Florian Alt and Heinrich Hussmann, Seamless and Secure VR: Adapting and Evaluating Established Authentication Systems for Virtual Reality, in: Proceedings 2017 Workshop on Usable Security, NDSS, Internet Society, 2017.10.14722/usec.2017.23028Search in Google Scholar

[37] Ceenu George, Mohamed Khamis, Daniel Buschek and Heinrich Hussmann, Investigating the Third Dimension for Authentication in Immersive Virtual Reality and in the Real World, in: 2019 IEEE Conference on Virtual Reality and 3D User Interfaces (VR), pp. 277–285, IEEE, March 2019.10.1109/VR.2019.8797862Search in Google Scholar

[38] Barney G. Glaser and Anselm L. Strauss, Discovery of Grounded Theory: Strategies for Qualitative Research, Routledge, New York, NY, USA, July 2017.10.4324/9780203793206Search in Google Scholar

[39] George Hadjidemetriou, Marios Belk, Christos Fidas and Andreas Pitsillides, Picture Passwords in Mixed Reality: Implementation and Evaluation, in: Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems, CHI EA ’19, pp. LBW0263:1–LBW0263:6, ACM, New York, NY, USA, 2019.10.1145/3290607.3313076Search in Google Scholar

[40] Jon-Chao Hong, Ming-Yueh Hwang, Ker-Ping Tam, Yi-Hsuan Lai and Li-Chun Liu, Effects of Cognitive Style on Digital Jigsaw Puzzle Performance: A GridWare Analysis, Computers in Human Behavior 28 (2012), 920–928.10.1016/j.chb.2011.12.012Search in Google Scholar

[41] Wei Hu, Xiaoping Wu and Guoheng Wei, The Security Analysis of Graphical Passwords, in: 2010 International Conference on Communications and Intelligence Information Security, pp. 200–203, October 2010.10.1109/ICCIIS.2010.35Search in Google Scholar

[42] Gwo-Jen Hwang, Han-Yu Sung, Chun-Ming Hung, Iwen Huang and Chin-Chung Tsai, Development of a Personalized Educational Computer Game based on Students’ Learning Styles, Educational Technology Research and Development 60 (2012), 623–638.10.1007/s11423-012-9241-xSearch in Google Scholar

[43] Ian Jermyn, Alain Mayer, Fabian Monrose, Michael K. Reiter and Aviel D. Rubin, The Design and Analysis of Graphical Passwords, Proceedings of the 8th Conference on USENIX Security Symposium - Volume 8, SSYM’99, USENIX Association, Berkeley, CA, USA, 1999, pp. 1–14.Search in Google Scholar

[44] Maurits Kaptein and Petri Parvinen, Advancing E-Commerce Personalization: Process Framework and Case Study, International Journal of Electronic Commerce 19 (2015), 7–33.10.1080/10864415.2015.1000216Search in Google Scholar

[45] Christina Katsini, Christos Fidas, Marios Belk, Nikolaos Avouris and George Samaras, Influences of Users’ Cognitive Strategies on Graphical Password Composition, in: Proceedings of the 2017 CHI Conference Extended Abstracts on Human Factors in Computing Systems, CHI EA ’17, pp. 2698–2705, ACM, New York, NY, USA, 2017.10.1145/3027063.3053217Search in Google Scholar

[46] Christina Katsini, Christos Fidas, George E. Raptis, Marios Belk, George Samaras and Nikolaos Avouris, Eye Gaze-driven Prediction of Cognitive Differences During Graphical Password Composition, in: 23rd International Conference on Intelligent User Interfaces, IUI ’18, pp. 147–152, ACM, New York, NY, USA, 2018.10.1145/3172944.3172996Search in Google Scholar

[47] Christina Katsini, Christos Fidas, George E. Raptis, Marios Belk, George Samaras and Nikolaos Avouris, Influences of Human Cognition and Visual Behavior on Password Strength During Picture Password Composition, in: Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems, CHI ’18, pp. 87:1–87:14, ACM, New York, NY, USA, 2018.Search in Google Scholar

[48] Christina Katsini, George E. Raptis, Christos Fidas and Nikolaos Avouris, Does Image Grid Visualization Affect Password Strength and Creation Time in Graphical Authentication?, in: Proceedings of the 2018 International Conference on Advanced Visual Interfaces, AVI ’18, pp. 33:1–33:5, ACM, New York, NY, USA, 2018.Search in Google Scholar

[49] Christina Katsini, George E. Raptis, Christos Fidas and Nikolaos Avouris, Towards Gaze-based Quantification of the Security of Graphical Authentication Schemes, in: Proceedings of the 2018 ACM Symposium on Eye Tracking Research & Applications, ETRA ’18, pp. 17:1–17:5, ACM, New York, NY, USA, 2018.Search in Google Scholar

[50] Christina Katsini, Christos Fidas, Marios Belk, George Samaras and Nikolaos Avouris, A Human-Cognitive Perspective of Users’ Password Choices in Recognition-Based Graphical Authentication, International Journal of Human–Computer Interaction (2019), 1–13.10.1080/10447318.2019.1574057Search in Google Scholar

[51] Patrick Gage Kelley, Saranga Komanduri, Michelle L. Mazurek, Richard Shay, Timothy Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor and Julio Lopez, Guess Again (and Again and Again): Measuring Password Strength by Simulating Password-Cracking Algorithms, in: 2012 IEEE Symposium on Security and Privacy, IEEE, May 2012.10.1109/SP.2012.38Search in Google Scholar

[52] Hassan Khan, Urs Hengartner and Daniel Vogel, Usability and Security Perceptions of Implicit Authentication: Convenient, Secure, Sometimes Annoying, in: Proceedings of the Eleventh USENIX Conference on Usable Privacy and Security, SOUPS’15, pp. 225–239, USENIX Association, Berkeley, CA, USA, 2015.Search in Google Scholar

[53] Mohammad Khatib and Rasoul Mohammad Hosseinpur, On the Validity of the Group Embedded Figure Test (GEFT), Journal of Language Teaching and Research 2 (2011).10.4304/jltr.2.3.640-648Search in Google Scholar

[54] Maria Kozhevnikov, Cognitive Styles in the Context of Modern Psychology: Toward an Integrated Framework of Cognitive Style, Psychological Bulletin 133 (2007), 464–481.10.1037/0033-2909.133.3.464Search in Google Scholar PubMed

[55] Oskar Ku, Chi-Chen Hou and Sherry Y. Chen, Incorporating Customization and Personalization into Game-based Learning: A Cognitive Style Perspective, Computers in Human Behavior 65 (2016), 359–368.10.1016/j.chb.2016.08.040Search in Google Scholar

[56] Ximing Liu, Yingjiu Li and Robert H. Deng, Typing-Proof: Usable, Secure and Low-Cost Two-Factor Authentication Based on Keystroke Timings, in: Proceedings of the 34th Annual Computer Security Applications Conference, ACSAC ’18, pp. 53–65, ACM, New York, NY, USA, 2018.10.1145/3274694.3274699Search in Google Scholar

[57] Jia-Jiunn Lo and Yun-Jay Wang, Development of an Adaptive EC Website With Online Identified Cognitive Styles of Anonymous Customers, International Journal of Human-Computer Interaction 28 (2012), 560–575.10.1080/10447318.2011.629952Search in Google Scholar

[58] Andrew Luxton-Reilly, Emma McMillan, Elizabeth Stevenson, Ewan Tempero and Paul Denny, Ladebug: An Online Tool to Help Novice Programmers Improve Their Debugging Skills, in: Proceedings of the 23rd Annual ACM Conference on Innovation and Technology in Computer Science Education, ITiCSE 2018, pp. 159–164, ACM, New York, NY, USA, 2018.10.1145/3197091.3197098Search in Google Scholar

[59] Stephen Madigan, Picture Memory, Imagery, Memory and Cognition: Essays in Honor of Allan Paivio (John C. Yuille, ed.), Lawrence Erlbaum Associates, Hillsdale, NJ, USA, 1983, pp. 65–89.Search in Google Scholar

[60] Michelle L. Mazurek, Saranga Komanduri, Timothy Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Patrick Gage Kelley, Richard Shay and Blase Ur, Measuring Password Guessability for an Entire University, in: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, CCS ’13, pp. 173–186, ACM, New York, NY, USA, 2013.10.1145/2508859.2516726Search in Google Scholar

[61] Martin Mihajlov and Borka Jerman-Blažič, On Designing Usable and Secure Recognition-based Graphical Authentication Mechanisms, Interacting with Computers 23 (2011), 582–593.10.1016/j.intcom.2011.09.001Search in Google Scholar

[62] Deborah Nelson and Kim-Phuong L. Vu, Effectiveness of Image-based Mnemonic Techniques for Enhancing the Memorability and Security of User-generated Passwords, Computers in Human Behavior 26 (2010), 705–715.10.1016/j.chb.2010.01.007Search in Google Scholar

[63] Toan Nguyen and Nasir Memon, Tap-based User Authentication for Smartwatches, Computers & Security 78 (2018), 174–186.10.1016/j.cose.2018.07.001Search in Google Scholar

[64] Toan Nguyen, Napa Sae-Bae and Nasir Memon, DRAW-A-PIN: Authentication Using Finger-drawn PIN on Touch Devices, Computers & Security 66 (2017), 115–128.10.1016/j.cose.2017.01.008Search in Google Scholar

[65] Efi A. Nisiforou and Andrew Laghos, Do the Eyes Have It? Using Eye Tracking to Assess Students Cognitive Dimensions, Educational Media International 50 (2013), 247–265.10.1080/09523987.2013.862363Search in Google Scholar

[66] Philip K. Oltman, Evelyn Raskin and Herman A. Witkin, Group Embedded Figures Test, Consulting Psychologists Press, Palo Alto, CA, USA, 1971.Search in Google Scholar

[67] Zach Pace, Signing in With a Picture Password, December 2011.Search in Google Scholar

[68] Allan Paivio and Kalman Csapo, Short-term Sequential Memory for Pictures and Words, Psychonomic Science 24 (1971), 50–51.10.3758/BF03337887Search in Google Scholar

[69] Federico Perazzi, Philipp Krähenbühl, Yael Pritch and Alexander Hornung, Saliency Filters: Contrast Based Filtering for Salient Region Detection, in: 2012 IEEE Conference on Computer Vision and Pattern Recognition (CVPR), pp. 733–740, IEEE, 2012.10.1109/CVPR.2012.6247743Search in Google Scholar

[70] George E. Raptis, Christos A. Fidas and Nikolaos M. Avouris, Do Field Dependence-Independence Differences of Game Players Affect Performance and Behaviour in Cultural Heritage Games?, in: Proceedings of the 2016 Annual Symposium on Computer-Human Interaction in Play, CHI PLAY ’16, pp. 38–43, ACM, New York, NY, USA, 2016.10.1145/2967934.2968107Search in Google Scholar

[71] George E. Raptis, Christina Katsini, Marios Belk, Christos Fidas, George Samaras and Nikolaos Avouris, Using Eye Gaze Data and Visual Activities to Infer Human Cognitive Styles: Method and Feasibility Studies, in: Proceedings of the 25th Conference on User Modeling, Adaptation and Personalization, UMAP ’17, pp. 164–173, ACM, New York, NY, USA, 2017.10.1145/3079628.3079690Search in Google Scholar

[72] George E. Raptis, Christos Fidas, Christina Katsini and Nikolaos Avouris, A Cognition-centered Personalization Framework for Cultural-Heritage Content, User Modeling and User-Adapted Interaction 29 (2019), 9–65.10.1007/s11257-019-09226-7Search in Google Scholar

[73] Karen Renaud, Peter Mayer, Melanie Volkamer and Joseph Maguire, Are Graphical Authentication Mechanisms as Strong as Passwords?, in: 2013 Federated Conference on Computer Science and Information Systems, pp. 837–844, September 2013.Search in Google Scholar

[74] Amir Sadovnik and Tsuhan Chen, A Visual Dictionary Attack on Picture Passwords, in: 2013 IEEE International Conference on Image Processing, pp. 4447–4451, September 2013.10.1109/ICIP.2013.6738916Search in Google Scholar

[75] Elizabeth Stobert and Robert Biddle, Memory Retrieval and Graphical Passwords, in: Proceedings of the Ninth Symposium on Usable Privacy and Security, SOUPS ’13, pp. 15:1–15:14, ACM, New York, NY, USA, 2013.10.1145/2501604.2501619Search in Google Scholar

[76] Elizabeth Stobert and Robert Biddle, The Password Life Cycle, ACM Transactions on Privacy and Security (TOPS) 21 (2018), 13:1–13:32.10.1145/3183341Search in Google Scholar

[77] Elizabeth Stobert, Alain Forget, Sonia Chiasson, Paul C. van Oorschot and Robert Biddle, Exploring Usability Effects of Increasing Security in Click-based Graphical Passwords, in: Proceedings of the 26th Annual Computer Security Applications Conference, ACSAC ’10, pp. 79–88, ACM, New York, NY, USA, 2010.10.1145/1920261.1920273Search in Google Scholar

[78] Huiping Sun, Ke Wang, Xu Li, Nan Qin and Zhong Chen, PassApp: My App is My Password!, in: Proceedings of the 17th International Conference on Human-Computer Interaction with Mobile Devices and Services, MobileHCI ’15, pp. 306–315, ACM, New York, NY, USA, 2015.10.1145/2785830.2785880Search in Google Scholar

[79] Hai Tao and Carlisle Adams, Pass-go: A Proposal to Improve the Usability of Graphical Passwords, International Journal of Network Security 7 (2008), 273–292.Search in Google Scholar

[80] Gary F. Templeton, A Two-step Approach for Transforming Continuous Variables to Normal: Implications and Recommendations for IS Research, Communications of the Association for Information Systems (CAIS) 28 (2011), 41–58.10.17705/1CAIS.02804Search in Google Scholar

[81] Julie Thorpe and Paul C. van Oorschot, Human-Seeded Attacks and Exploiting Hot-Spots in Graphical Passwords, in: Proceedings of the 16th Conference on USENIX Security Symposium, SS’07, pp. 103–118, USENIX Association, Berkeley, CA, USA, 2007.Search in Google Scholar

[82] Julie Thorpe, Brent MacRae and Amirali Salehi-Abari, Usability and Security Evaluation of GeoPass: A Geographic Location-password Scheme, in: Proceedings of the Ninth Symposium on Usable Privacy and Security, SOUPS ’13, pp. 14:1–14:14, ACM, New York, NY, USA, 2013.10.1145/2501604.2501618Search in Google Scholar

[83] Julie Thorpe, Muath Al-Badawi, Brent MacRae and Amirali Salehi-Abari, The Presentation Effect on Graphical Passwords, in: Proceedings of the 32Nd Annual ACM Conference on Human Factors in Computing Systems, CHI ’14, pp. 2947–2950, ACM, New York, NY, USA, 2014.10.1145/2556288.2557212Search in Google Scholar

[84] Judy C.R. Tseng, Hui-Chun Chu, Gwo-Jen Hwang and Chin-Chung Tsai, Development of an Adaptive Learning System with Two Sources of Personalization Information, Computers & Education 51 (2008), 776–786.10.1016/j.compedu.2007.08.002Search in Google Scholar

[85] M.N.M. van Lieshout and Adrian Baddeley, A Nonparametric Measure of Spatial Interaction in Point Patterns, Statistica Neerlandica 50 (1996), 344–361.10.1111/j.1467-9574.1996.tb01501.xSearch in Google Scholar

[86] Paul C. van Oorschot, Amirali Salehi-Abari and Julie Thorpe, Purely Automated Attacks on PassPoints-Style Graphical Passwords, IEEE Transactions on Information Forensics and Security 5 (2010), 393–405.10.1109/TIFS.2010.2053706Search in Google Scholar

[87] Kim-Phuong L. Vu, Robert W. Proctor, Abhilasha Bhargav-Spantzel, Bik-Lam (Belin) Tai, Joshua Cook and E. Eugene Schultz, Improving Password Security and Memorability to Protect Personal and Organizational Information, International Journal of Human-Computer Studies 65 (2007), 744–757.10.1016/j.ijhcs.2007.03.007Search in Google Scholar

[88] Xiang-Yang Wang, Yong-Wei Li, Pan-Pan Niu, Hong-Ying Yang and Dong-Ming Li, Content-based Image Retrieval using Visual Attention Point Features, Fundamenta Informaticae 135 (2014), 309–329.10.3233/FI-2014-1124Search in Google Scholar

[89] Susan Wiedenbeck, Jim Waters, Jean-Camille Birget, Alex Brodskiy and Nasir Memon, Authentication Using Graphical Passwords: Effects of Tolerance and Image Choice, in: Proceedings of the 2005 Symposium on Usable Privacy and Security, SOUPS ’05, pp. 1–12, ACM, New York, NY, USA, 2005.10.1145/1073001.1073002Search in Google Scholar

[90] Susan Wiedenbeck, Jim Waters, Jean-Camille Birget, Alex Brodskiy and Nasir Memon, PassPoints: Design and Longitudinal Evaluation of a Graphical Password System, International Journal of Human-Computer Studies 63 (2005), 102–127.10.1016/j.ijhcs.2005.04.010Search in Google Scholar

[91] Herman A. Witkin, Carol Ann Moore, Donald R. Goodenough and Patricia W. Cox, Field-Dependent and Field-Independent Cognitive Styles and Their Educational Implications, ETS Research Bulletin Series 1975 (1975), 1–64.10.1002/j.2333-8504.1975.tb01065.xSearch in Google Scholar

[92] Nicholas Wright, Andrew S. Patrick and Robert Biddle, Do You See Your Password?: Applying Recognition to Textual Passwords, in: Proceedings of the Eighth Symposium on Usable Privacy and Security, SOUPS ’12, pp. 8:1–8:14, ACM, New York, NY, USA, 2012.Search in Google Scholar

[93] Honghai Yu and Stefan Winkler, Image Complexity and Spatial Information, in: 2013 Fifth International Workshop on Quality of Multimedia Experience (QoMEX), pp. 12–17, IEEE, 2013.10.1109/QoMEX.2013.6603194Search in Google Scholar

[94] Zhen Yu, Hai-Ning Liang, Charles Fleming and Ka Lok Man, An Exploration of Usable Authentication Mechanisms for Virtual Reality Systems, in: 2016 IEEE Asia Pacific Conference on Circuits and Systems (APCCAS), pp. 458–460, October 2016.Search in Google Scholar

[95] Ziming Zhao, Gail-Joon Ahn, Jeong-Jin Seo and Hongxin Hu, On the Security of Picture Gesture Authentication, in: Proceedings of the 22Nd USENIX Conference on Security, SEC’13, pp. 383–398, USENIX Association, Berkeley, CA, USA, 2013.Search in Google Scholar

[96] Ziming Zhao, Gail-Joon Ahn and Hongxin Hu, Picture Gesture Authentication: Empirical Analysis, Automated Attacks, and Scheme Evaluation, ACM Transactions on Information and System Security (TISSEC) 17 (2015), 14:1–14:37.10.1145/2701423Search in Google Scholar

Published Online: 2020-01-14
Published in Print: 2019-11-18

© 2019 Walter de Gruyter GmbH, Berlin/Boston

Downloaded on 9.2.2023 from https://www.degruyter.com/document/doi/10.1515/icom-2019-0011/html
Scroll Up Arrow