Title

Assessing image-based authentication techniques in a web-based environment.

Document Type

Journal Article

Publisher

Emerald Group Publishing Limited

Faculty

Computing, Health and Science

School

Computer & Security Science/Security Research Centre (secAU)

RAS ID

10493

Comments

This article was originally published as: Jali, M.Z., Furnell, S.M. , & Dowland, P.S. (2010). Assessing image-based authentication techniques in a web-based environment. Information Management & Computer Security, 18(1), 43-53. Original article available here

Abstract

The purpose of this paper is to assess the usability of two image-based authentication methods when used in the web-based environment. The evaluated approaches involve clicking secret points within a single image (click-based) and remembering a set of images in the correct sequence (choice-based). A “one-to-one” usability study was conducted in which participants had to complete three main tasks; namely authentication tasks (register, confirm and login), spot the difference activity and provide feedback. From analysing the results in terms of timing, number of attempts, user feedback, accuracy and predictability, it is found that the choice-based approach is better in terms of usability, whereas the click-based method performed better in terms of timing and is ratedmore secure against social engineering.The majority of participants are from the academic sector (students, lecturers, etc.) and had up to seven years’ IT experience. To obtain more statistically significant results, it is proposed that participants should be obtained from various sectors, having a more varied IT experience. The results suggest that in order for image-based authentication to be used in the web environment, more work is needed to increase the usability, while at the same time maintaining the security of both techniques. This paper enables a direct comparison of the usability of two alternative image-based techniques, with the studies using the same set of participants and the same set of environment settings.

DOI

10.1108/09685221011035250

This document is currently not available here.

 
COinS
 

Link to publisher version (DOI)

10.1108/09685221011035250