Abstract
Stimulated by a large number of different theories on human cognition, suggesting that individuals have different habitual approaches in retrieving, recalling, processing and storing verbal and graphical information, this paper investigates the effect of such processes with regard to user performance and preference toward two variations of knowledge-based authentication mechanisms. In particular, a text-based password authentication mechanism and a recognition-based graphical authentication mechanism were deployed in the frame of an ecological valid user study, to investigate the effect of specific cognitive factors of users toward efficiency, effectiveness and preference of authentication tasks. A total of 145 users participated during a five-month period between February and June 2012. This recent study provides interesting insights for the design and deployment of adaptive authentication mechanisms based on cognitive factors of users. The results and implications of this paper are valuable in understanding and modeling user interactions with regard to authentication mechanisms.
Chapter PDF
References
Shay, R., Kelley, P., Komanduri, S., Mazurek, M., Ur, B., Vidas, T., Bauer, L., Christin, N., Cranor, L.: Correct Horse Battery Staple: Exploring the Usability of System-assigned Passphrases. In: ACM Symposium on Usable Privacy and Security, Article 7, 20 pages. ACM Press, New York (2012)
Komanduri, S., Shay, R., Kelley, P., Mazurek, M., Bauer, L., Christin, N., Cranor, L., Egelman, S.: Of Passwords and People: Measuring the Effect of Password-composition Policies. In: ACM International Conference on Human Factors in Computing Systems, pp. 2595–2604. ACM Press, New York (2011)
Inglesant, P., Sasse, A.: The True Cost of Unusable Password Policies: Password use in the Wild. In: ACM International Conference on Human Factors in Computing Systems, pp. 383–392. ACM Press, New York (2010)
Florencio, D., Herley, C.A.: Large-scale Study of Web Password Habits. In: ACM International Conference on World Wide Web, pp. 657–666. ACM Press, New York (2007)
Adams, A., Sasse, A.: Users are not the Enemy: Why Users Compromise Security Mechanisms and How to Take Remedial Measures. J. Communications of the ACM 42(12), 40–46 (1999)
Shay, R., Komanduri, S., Kelley, P., Leon, P., Mazurek, M., Bauer, L., Christin, N., Cranor, L.: Encountering Stronger Password Requirements: User Attitudes and Behaviors. In: ACM Symposium on Usable Privacy and Security, Article 2, 20 pages. ACM Press, New York (2010)
Bonneau, J., Herley, C., van Oorschot, P., Stajano, F.: The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes. In: IEEE Symposium on Security and Privacy, pp. 553–567. IEEE Computer Society, Washington, DC (2012)
LeBlanc, D., Forget, A., Biddle, R.: Guessing Click-based Graphical Passwords by Eye Tracking. In: IEEE International Conference on Privacy, Security and Trust, pp. 197–204. IEEE Computer Society, Washington, DC (2010)
Zhang, J., Luo, X., Akkaladevi, S., Ziegelmayer, J.: Improving Multiple-password Recall: An Empirical Study. J. Information Security 18(2), 165–176 (2009)
Angeli, A.D., Coventry, L., Johnson, G., Renaud, K.: Is a Picture Really Worth a Thousand Words? Exploring the Feasibility of Graphical Authentication Systems. J. Human-Computer Studies 63(1-2), 128–152 (2005)
Everitt, K.M., Bragin, T., Fogarty, J., Kohno, T.A.: Comprehensive Study of Frequency, Interference, and Training of Multiple Graphical Passwords. In: ACM International Conference on Human Factors in Computing Systems, pp. 889–898. ACM Press, New York (2009)
Tullis, T.S., Tedesco, D.P., McCaffrey, K.E.: Can Users Remember their Pictorial Passwords Six Years Later. In: ACM International Conference on Human Factors in Computing Systems, pp. 1789–1794. ACM Press, New York (2011)
Biddle, R., Chiasson, S., van Oorschot, P.: Graphical Passwords: Learning from the First Twelve Years. J. ACM Computing Surveys 44(4), 41 pages (2012)
Brostoff, S., Sasse, M.A.: Are Passfaces More Usable than Passwords: A Field Trial Investigation. In: BCS International Conference on People and Computers, pp. 405–410. British Computer Society, UK (2000)
Passfaces Corporation. The science behind Passfaces, http://www.passfaces.com/enterprise/resources/whitepapers.htm
Everitt, K., Bragin, T., Fogarty, J., Kohno, T.: A Comprehensive Study of Frequency, Interference, and Training of Multiple Graphical Passwords. In: ACM International Conference on Human Factors in Computing Systems, pp. 889–898. ACM Press, New York (2009)
Stobert, E., Forget, A., Chiasson, S., van Oorschot, P., Biddle, R.: Exploring Usability Effects of Increasing Security in Click-based Graphical Passwords. In: ACM International Conference on Computer Security Applications Conference, pp. 79–88. ACM Press, New York (2010)
Jermyn, I., Mayer, A., Monrose, F., Reiter, M., Rubin, A.: The Design and Analysis of Graphical Passwords. In: USENIX Security Symposium, p. 1. USENIX Association, Berkley (1999)
Gao, H., Guo, X., Chen, X., Wang, L., Liu, X.: YAGP: Yet Another Graphical Password Strategy. In: IEEE International Conference on Computer Security Applications, pp. 121–129. IEEE Computer Society, Washington, DC (2008)
Tao, H., Adams, C.: Pass-Go: A Proposal to Improve the Usability of Graphical Passwords. J. Network Security 7(2), 273–292 (2008)
Wiedenbeck, S., Waters, J., Birget, J., Brodskiy, A., Memon, N.: Authentication Using Graphical Passwords: Effects of Tolerance and Image Choice. In: ACM Symposium on Usable Privacy and Security, pp. 1–12. ACM Press, New York (2005)
Chiasson, S., Forget, A., Biddle, R., van Oorschot, P.: Influencing Users Towards Better Passwords: Persuasive Cued Click-Points. In: International Conference, B.C.S. on People and Computers, pp. 121–130. British Computer Society, UK (2008)
Bulling, A., Alt, F., Schmidt, A.: Increasing the Security of Gaze-based Cued-recall Graphical Passwords using Saliency Masks. In: ACM International Conference on Human Factors in Computing Systems, pp. 3011–3020. ACM Press, New York (2012)
Mihajlov, M., Jerman-Blazic, B.: On Designing Usable and Secure Recognition-based Graphical Authentication Mechanisms. J. Interacting with Computers 23(6), 582–593 (2011)
Nicholson, J., Dunphy, P., Coventry, L., Briggs, P., Olivier, P.A.: Security Assessment of Tiles: a New Portfolio-based Graphical Authentication System. In: ACM International Conference on Human Factors in Computing Systems (Ext. Abstracts), pp. 1967–1972. ACM Press, New York (2012)
Forget, A., Chiasson, S., van Oorschot, P., Biddle, R.: Improving Text Passwords Through Persuasion. In: ACM International Symposium on Usable Privacy and Security, pp. 1–12. ACM Press, New York (2008)
Wright, N., Patrick, A., Biddle, R.: Do You See Your Password?: Applying Recognition to Textual Passwords. In: ACM International Symposium on Usable Privacy and Security, Article 8, 14 pages. ACM Press, New York (2012)
Kuo, C., Romanosky, S., Cranor, L.: Human Selection of Mnemonic Phrase-based Passwords. In: ACM International Symposium on Usable Privacy and Security, pp. 67–78. ACM Press, New York (2006)
Halderman, J.A., Waters, B., Felten, E.: Convenient Method for Securely Managing Passwords. In: ACM International Conference on World Wide Web, pp. 471–479. ACM Press, New York (2005)
Chiasson, S., van Oorschot, P.C., Biddle, R.A.: Usability Study and Critique of Two Password Managers. In: USENIX Security Symposium, pp. 1–16. USENIX Association, Berkley (2006)
Brusilovsky, P., Kobsa, A., Nejdl, W.: The Adaptive Web: Methods and Strategies of Web Personalization. Springer, Heidelberg (2007)
Paivio, A.: Mind and Its Evolution: A Dual Coding Theoretical Approach. Lawrence, Erlbaum, Mahwah, NJ (2006)
Paivio, A., Csapo, K.: Picture Superiority in Free Recall: Imagery or Dual Coding? J. Cognitive Psychology 5(2), 176–206 (1973)
Anderson, J.R.: Cognitive Psychology and its Implications, 7th edn. Worth Publishers, NY (2009)
Ally, B.A., Budson, A.E.: The Worth of Pictures: Using High Density Event Related Potentials to Understand the Memorial Power of Pictures and the Dynamics of Recognition Memory. J. NeuroImage 35, 378–395 (2007)
Brady, T.F., Konkle, T., Alvarez, G.A., Oliva, A.: Visual Long-term Memory has a Massive Storage Capacity for Object Details. J. National Academy of Sciences 105(38), 14325–14329 (2008)
Oates, J.M., Reder, L.M.: Memory for Pictures: Sometimes a Picture is not Worth a Single Word. In: Successful Remembering and Successful Forgetting: A Festschrift in Honor of Robert A. Bjork, pp. 447–462. J. Psychological Press (2010)
Robertson, E.K., Köhler, S.: Insights from Child Development on the Relationship between Episodic and Semantic Memory. J. Neuropsychologia 45(14), 3178–3189 (2007)
Riding, R., Cheema, I.: Cognitive Styles – An Overview and Integration. J. Educational Psychology 11(3-4), 193–215 (1991)
Peterson, E., Rayner, S., Armstrong, S.: Researching the Psychology of Cognitive Style and Learning Style: Is There Really a Future? J. Learning and Individual Differences 19(4), 518–523 (2009)
Blazhenkova, O., Kozhevnikov, M.: The New Object-Spatial-Verbal Cognitive Style Model: Theory and Measurement. J. Applied Cognitive Psychology 23(5), 638–663 (2009)
Peterson, E., Deary, I., Austin, E.: A New Reliable Measure of Verbal-Imagery Cognitive Style. J. Personality and Individual Differences 38, 1269–1281 (2005)
Riding, R.: Cognitive Styles Analysis. Learning and Training Technology. Birmingham, UK (2001)
Kozhevnikov, M.: Cognitive Styles in the Context of Modern Psychology: Toward an Integrated Framework of Cognitive Style. J. Psychological Bulletin 133(3), 464–481 (2007)
McAvinue, L.P., Robertson, I.H.: Measuring Visual Imagery Ability: A Review. J. Imagination, Cognition and Personality 26, 191–211 (2007)
Kinley, K., Tjondronegoro, D., Partridge, H.: Web Searching Interaction Model based on User Cognitive Styles. In: ACM International Conference of SIGCHI Australia on Computer-Human Interaction, pp. 340–343. ACM Press, New York (2010)
Tavassoli, N.: Temporal and Associative Memory in Chinese and English. J. Consumer Research 26(2), 170–181 (1999)
Herley, C., van Oorschot, P.: A Research Agenda Acknowledging the Persistence of Passwords. J. Security and Privacy 10(1), 28–36 (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Belk, M., Fidas, C., Germanakos, P., Samaras, G. (2013). Security for Diversity: Studying the Effects of Verbal and Imagery Processes on User Authentication Mechanisms. In: Kotzé, P., Marsden, G., Lindgaard, G., Wesson, J., Winckler, M. (eds) Human-Computer Interaction – INTERACT 2013. INTERACT 2013. Lecture Notes in Computer Science, vol 8119. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40477-1_27
Download citation
DOI: https://doi.org/10.1007/978-3-642-40477-1_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40476-4
Online ISBN: 978-3-642-40477-1
eBook Packages: Computer ScienceComputer Science (R0)