AbstractAutomated teller machines (ATMs) provide access to cash, confidential information and services for consumers of diverse cultures and abilities globally. Recent research has explored whether graphical authentication mechanisms could replace existing, knowledge-based mechanisms at the ATM that are error-prone. Findings have indicated that graphical authentication offers greater usability, and potentially greater security. The questions selected for investigation, of whether users could remember multiple graphical passwords successfully, and what could improve that memorability, were previously unexplored.
This report describes the design, development and evaluation of research to evaluate whether users find multiple graphical passwords more memorable than multiple knowledge-based passwords. It also investigates the success of two memory augmentation strategies in increasing memorability of multiple graphical passwords. Hypotheses were tested via a comparative longitudinal study, performed using an experimental, fixed, post-test factorial design. A web-based study was developed using PHP, XHTML and CSS. Participants enrolled in the study, were assigned multiple passwords, and rehearsed their passwords. They then carried out three password retention tests on-line, with two weeks between each test. Data was captured and analysed using a MySQL relational database.
Findings show that multiple graphical passwords are 331% more memorable than knowledge-based ones. When a mnemonic strategy is used as well, the improvement rises to 534%. In contrast, using distinct coloured backgrounds did not give such marked improvements.
|Date of Award
|Gregory LePlatre (Supervisor) & Lynn Coventry (Supervisor)