Thomas S. Tullis, Donna P. Tedesco, & Kate E. McCaffrey
Proceedings of ACM CHI 2011 Conference on Human Factors in Computing Systems, 2011, pp. 1789-1794.
Publication year: 2011

Previous research had shown that pictorial passwords, where users recognize their target images among distractors, have potential for improving the usability of authentication systems.  A method using personal photos provided by the users as their targets, shown among highly similar distractors, showed the most promise for both accuracy and security.  But the longest time period that had been tested between successive login attempts was only about one month.  We wanted to see what happens when six years have elapsed.  We recruited some of the same participants from the previous study and tested their ability to select their target photos six years later. We found that 12 of 13 participants successfully authenticated themselves.  The overall accuracy rate was 95.6%, demonstrating that most users can remember these pictorial passwords even over long periods of time.

Leave a Reply

Your email address will not be published. Required fields are marked *