An evaluation model for recognition-based graphical password schemes

Shah Zaman Nizamani, Syed Raheel Hassan, Riaz Ahmed Shaikh, Sheikh Tahir Bakhsh

Research output: Contribution to journalArticlepeer-review


User authentication is the basic need for information security and textual password scheme has been in use for authentication since a long time. In the textual password scheme, security issues increase when a user set easy to remember password, while secure passwords are difficult to remember. To overcome the deficiencies of textual password scheme, different graphical password (GP) schemes are developed. In textual password scheme, security and memorability are two prime concerns whereas in GP schemes, usability is another concern along with security and memorability. GP schemes are divided into three categories, which are recognition-based graphical password schemes (RGP), pure recall-based graphical password schemes (PRGP) and cued recalled-based schemes graphical password schemes (CRGP). Different models are proposed for evaluation of the authentication schemes but they are difficult to execute. In this research paper, an evaluation model is proposed for analyzing the RGP schemes. The model evaluates the schemes with the help of thirty heuristics or features. Furthermore, evaluation of Passface and Deja Vu schemes have been presented by using the proposed evaluation model.
Original languageEnglish
Article number7
Pages (from-to)067-077
Number of pages11
JournalJournal of Information Assurance and Security
Issue number3
Publication statusPublished - Mar 2019

Cite this