Persuasive Cued Click-Points: Design, Implementation, and Evaluation of a Knowledge-Based Authentication Mechanism
Issue No. 02 - March/April (2012 vol. 9)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TDSC.2011.55
Sonia Chiasson , Carleton University, Ottawa
Elizabeth Stobert , Carleton University, Ottawa
Alain Forget , Carleton University, Ottawa
Robert Biddle , Carleton University, Ottawa
Paul C. van Oorschot , Carleton University, Ottawa
This paper presents an integrated evaluation of the Persuasive Cued Click-Points graphical password scheme, including usability and security evaluations, and implementation considerations. An important usability goal for knowledge-based authentication systems is to support users in selecting passwords of higher security, in the sense of being from an expanded effective security space. We use persuasion to influence user choice in click-based graphical passwords, encouraging users to select more random, and hence more difficult to guess, click-points.
Authentication, graphical passwords, usable security, empirical studies.
S. Chiasson, A. Forget, R. Biddle, P. C. van Oorschot and E. Stobert, "Persuasive Cued Click-Points: Design, Implementation, and Evaluation of a Knowledge-Based Authentication Mechanism," in IEEE Transactions on Dependable and Secure Computing, vol. 9, no. , pp. 222-235, 2011.