A Study of Mnemonic Image Passwords

Existing studies in the field of graphical authentication systems (GASs) have shown that users find it difficult to remember multiple image passwords. In this context, it is believed that memorability can be improved if target images making up a graphical password are selected using a mnemonic strategy during the registration stage. We conducted a usability study with 80 subjects, who were required to create four graphical passwords, each using a mnemonic strategy and recall them every week, for a period of four weeks. The results demonstrated that the memorability of the image passwords created using a mnemonic strategy do not improve even when compared to the existing multiple password studies. Hence remembering multiple image passwords using mnemonic strategies is a mentally demanding task. A guessability study was conducted with 70 participants to examine the vulnerability of image passwords to written descriptions. The analysis of the descriptions revealed that most passwords created in the usability study were described by the account holders using annotated/ non annotated sketch of the target images making up a password. This made all the passwords highly guessable. Based on our results we propose a hint-based authentication system, which can improve the memorability of graphical passwords and also provide adequate security. But the usability as well as security of the proposed system needs to be tested before it could be adopted in practice