Newcastle University eTheses >
Newcastle University >
Faculty of Science, Agriculture and Engineering >
School of Computing Science >

Please use this identifier to cite or link to this item: http://hdl.handle.net/10443/2149

Title: Usable, secure and deployable graphical passwords
Authors: Dunphy, Paul Michael
Issue Date: 2013
Publisher: Newcastle University
Abstract: Evaluations of the usability and security of alphanumeric passwords and Personal Identification Numbers (PINs) have shown that users cannot remember credentials considered to be secure. However, the continued reliance upon these methods of user authentication has placed end-users and system designers in a coevolutionary struggle, with each defending competing concerns of usability and security. Graphical passwords have been proposed as an alternative, and their use is supported by cognitive theories such as the picture superiority effect which suggest that pictures, rather than words or numbers, could provide a stronger foundation upon which to design usable and secure knowledge-based authentication. Indeed, early usability studies of novel systems harnessing this effect appear to show promise, however, the uptake of graphical passwords in real-world systems is low. This inertia is likely related to uncertainty regarding the challenges that novel systems might bring to the already delicate interplay between usability and security; particularly the new challenges faced in scaffolding user behaviours that comply with context-specific security policies, uncertainty regarding the nature of new socio-technical attacks, and the impact of images themselves upon usability and security. In this thesis we present a number of case studies incorporating new designs, empirical methods and results, that begin to explore these aspects of representative graphical password systems. Specifically, we explore: (i) how we can implicitly support security-focused behaviours such as choosing high entropy graphical passwords and defending against observation attack; (ii) how to capture the likely extent of insecure behaviour in the social domain such as graphical password sharing and observation attack; and (iii) how through the selection of appropriate properties of the images themselves we can provide security and usability benefits. In doing so, we gen- erate new insights into the potential of graphical passwords to provide usable, secure and deployable user authentication.
Description: PhD Thesis
URI: http://hdl.handle.net/10443/2149
Appears in Collections:School of Computing Science

Files in This Item:

File Description SizeFormat
Dunphy, P.M. 13.pdfThesis12.24 MBAdobe PDFView/Open
dspacelicence.pdfLicence43.82 kBAdobe PDFView/Open

SFX Query

Items in eTheses are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 
University homepage | Feedback