Multifactor graphical passwords: An assessment of end-user performance

Abstract

This paper reports on the usability study carried out to assess the feasibility of combining two graphical password methods for better security. The methods involved clicking on the image (i.e. click-based) and selecting a series of images (i.e. choice-based). A graphical password prototype was developed (Enhanced Graphical Authentication System) and tested by thirty participants, who were randomly chosen from the authors' university. Two evaluations were made; namely user performance of the combined method and the feasibility of authentication strategies towards the introduced method itself. From both evaluations, it is found that positive results have been obtained, which suggest that these methods could be combined together effectively without giving impediment to users. However, there are issues relating to predictability as a consequence of insecure user behaviour.