Pictures at the ATM: exploring the usability of multiple graphical passwords

Wendy Moncur, Gregory LePlatre

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    58 Citations (Scopus)

    Abstract

    Users gain access to cash, confidential information and services at Automated Teller Machines (ATMs) via an authentication process involving a Personal Identification Number (PIN). These users frequently have many different PINs, and fail to remember them without recourse to insecure behaviours. This is not a failing of users. It is a usability failing in the ATM authentication mechanism. This paper describes research executed to evaluate whether users find multiple graphical passwords more memorable than multiple PINs. The research also investigates the success of two memory augmentation strategies in increasing memorability of graphical passwords. The results demonstrate that multiple graphical passwords are substantially more effective than multiple PIN numbers. Memorability is further improved by the use of mnemonics to aid their recall.This study will be of interest to HCI practitioners and information security researchers exploring approaches to usable security.
    Original languageEnglish
    Title of host publicationCHI '07
    Subtitle of host publicationProceedings of the SIGCHI Conference on Human Factors in Computing Systems
    Place of PublicationNew York
    PublisherAssociation for Computing Machinery
    Pages887-894
    Number of pages8
    ISBN (Print)9781595935939
    DOIs
    Publication statusPublished - 2007
    EventCHI 2007 Conference on Human Factors in Computing Systems - San Jose, California, United States
    Duration: 28 Apr 20073 May 2007
    http://www.chi2007.org/

    Conference

    ConferenceCHI 2007 Conference on Human Factors in Computing Systems
    Abbreviated titleCHI 2007
    CountryUnited States
    CitySan Jose, California
    Period28/04/073/05/07
    Internet address

    Fingerprint

    Authentication
    Security of data
    Human computer interaction
    Data storage equipment

    Cite this

    Moncur, W., & LePlatre, G. (2007). Pictures at the ATM: exploring the usability of multiple graphical passwords. In CHI '07 : Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (pp. 887-894). New York: Association for Computing Machinery. https://doi.org/10.1145/1240624.1240758
    Moncur, Wendy ; LePlatre, Gregory. / Pictures at the ATM : exploring the usability of multiple graphical passwords. CHI '07 : Proceedings of the SIGCHI Conference on Human Factors in Computing Systems . New York : Association for Computing Machinery, 2007. pp. 887-894
    @inproceedings{59ddad2b93e64b179e38c72606291939,
    title = "Pictures at the ATM: exploring the usability of multiple graphical passwords",
    abstract = "Users gain access to cash, confidential information and services at Automated Teller Machines (ATMs) via an authentication process involving a Personal Identification Number (PIN). These users frequently have many different PINs, and fail to remember them without recourse to insecure behaviours. This is not a failing of users. It is a usability failing in the ATM authentication mechanism. This paper describes research executed to evaluate whether users find multiple graphical passwords more memorable than multiple PINs. The research also investigates the success of two memory augmentation strategies in increasing memorability of graphical passwords. The results demonstrate that multiple graphical passwords are substantially more effective than multiple PIN numbers. Memorability is further improved by the use of mnemonics to aid their recall.This study will be of interest to HCI practitioners and information security researchers exploring approaches to usable security.",
    author = "Wendy Moncur and Gregory LePlatre",
    year = "2007",
    doi = "10.1145/1240624.1240758",
    language = "English",
    isbn = "9781595935939",
    pages = "887--894",
    booktitle = "CHI '07",
    publisher = "Association for Computing Machinery",

    }

    Moncur, W & LePlatre, G 2007, Pictures at the ATM: exploring the usability of multiple graphical passwords. in CHI '07 : Proceedings of the SIGCHI Conference on Human Factors in Computing Systems . Association for Computing Machinery, New York, pp. 887-894, CHI 2007 Conference on Human Factors in Computing Systems, San Jose, California, United States, 28/04/07. https://doi.org/10.1145/1240624.1240758

    Pictures at the ATM : exploring the usability of multiple graphical passwords. / Moncur, Wendy; LePlatre, Gregory.

    CHI '07 : Proceedings of the SIGCHI Conference on Human Factors in Computing Systems . New York : Association for Computing Machinery, 2007. p. 887-894.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    TY - GEN

    T1 - Pictures at the ATM

    T2 - exploring the usability of multiple graphical passwords

    AU - Moncur, Wendy

    AU - LePlatre, Gregory

    PY - 2007

    Y1 - 2007

    N2 - Users gain access to cash, confidential information and services at Automated Teller Machines (ATMs) via an authentication process involving a Personal Identification Number (PIN). These users frequently have many different PINs, and fail to remember them without recourse to insecure behaviours. This is not a failing of users. It is a usability failing in the ATM authentication mechanism. This paper describes research executed to evaluate whether users find multiple graphical passwords more memorable than multiple PINs. The research also investigates the success of two memory augmentation strategies in increasing memorability of graphical passwords. The results demonstrate that multiple graphical passwords are substantially more effective than multiple PIN numbers. Memorability is further improved by the use of mnemonics to aid their recall.This study will be of interest to HCI practitioners and information security researchers exploring approaches to usable security.

    AB - Users gain access to cash, confidential information and services at Automated Teller Machines (ATMs) via an authentication process involving a Personal Identification Number (PIN). These users frequently have many different PINs, and fail to remember them without recourse to insecure behaviours. This is not a failing of users. It is a usability failing in the ATM authentication mechanism. This paper describes research executed to evaluate whether users find multiple graphical passwords more memorable than multiple PINs. The research also investigates the success of two memory augmentation strategies in increasing memorability of graphical passwords. The results demonstrate that multiple graphical passwords are substantially more effective than multiple PIN numbers. Memorability is further improved by the use of mnemonics to aid their recall.This study will be of interest to HCI practitioners and information security researchers exploring approaches to usable security.

    UR - http://www.scopus.com/inward/record.url?scp=35348895703&partnerID=8YFLogxK

    U2 - 10.1145/1240624.1240758

    DO - 10.1145/1240624.1240758

    M3 - Conference contribution

    AN - SCOPUS:35348895703

    SN - 9781595935939

    SP - 887

    EP - 894

    BT - CHI '07

    PB - Association for Computing Machinery

    CY - New York

    ER -

    Moncur W, LePlatre G. Pictures at the ATM: exploring the usability of multiple graphical passwords. In CHI '07 : Proceedings of the SIGCHI Conference on Human Factors in Computing Systems . New York: Association for Computing Machinery. 2007. p. 887-894 https://doi.org/10.1145/1240624.1240758