To read the full version of this content please select one of the options below:

Assessing image‐based authentication techniques in a web‐based environment

M.Z. Jali (Centre for Security, Communications and Network Research, University of Plymouth, Plymouth, UK)
S.M. Furnell (Centre for Security, Communications and Network Research, University of Plymouth, Plymouth, UK School of Computer and Security Science, Edith Cowan University, Perth, Western Australia)
P.S. Dowland (Centre for Security, Communications and Network Research, University of Plymouth, Plymouth, UK)

Information Management & Computer Security

ISSN: 0968-5227

Article publication date: 23 March 2010

Abstract

Purpose

The purpose of this paper is to assess the usability of two image‐based authentication methods when used in the web‐based environment. The evaluated approaches involve clicking secret points within a single image (click‐based) and remembering a set of images in the correct sequence (choice‐based).

Design/methodology/approach

A “one‐to‐one” usability study was conducted in which participants had to complete three main tasks; namely authentication tasks (register, confirm and login), spot the difference activity and provide feedback.

Findings

From analysing the results in terms of timing, number of attempts, user feedback, accuracy and predictability, it is found that the choice‐based approach is better in terms of usability, whereas the click‐based method performed better in terms of timing and is rated more secure against social engineering.

Research limitations/implications

The majority of participants are from the academic sector (students, lecturers, etc.) and had up to seven years' IT experience. To obtain more statistically significant results, it is proposed that participants should be obtained from various sectors, having a more varied IT experience.

Practical implications

The results suggest that in order for image‐based authentication to be used in the web environment, more work is needed to increase the usability, while at the same time maintaining the security of both techniques.

Originality/value

This paper enables a direct comparison of the usability of two alternative image‐based techniques, with the studies using the same set of participants and the same set of environment settings.

Keywords

Citation

Jali, M.Z., Furnell, S.M. and Dowland, P.S. (2010), "Assessing image‐based authentication techniques in a web‐based environment", Information Management & Computer Security, Vol. 18 No. 1, pp. 43-53. https://doi.org/10.1108/09685221011035250

Publisher

:

Emerald Group Publishing Limited

Copyright © 2010, Emerald Group Publishing Limited