Investigating the Viability of Multifactor Graphical Passwords for User Authentication

Authentication using images (i.e., graphical passwords) is claimed to be one of the alternatives for overcoming weaknesses in the traditional username and password authentication. This paper reports on the study to explore the feasibility of combining two graphical password methods for better security. A graphical password prototype scheme, the Enhanced Graphical Authentication System (EGAS), was developed (which combines the methods of clicking on the image (i.e., click-based) and selecting a series of images (i.e., choice-based). The EGAS was tested by 30 participants randomly chosen from the authors' university and two evaluations were made; namely user performance of the combined method and the feasibility of authentication strategies toward the introduced method itself. From both evaluations, it is found that positive results have been obtained, which suggest that these methods could be combined together effectively without giving impediment to users.