

Memorability evaluation

In this section we briefly evaluate the memorability of the schemes we considered. As described in Section 2, there have been many usability studies performed for various graphical password schemes, including for variants of the Face scheme. As such, our goal in this section is not to exhaustively evaluate memorability for Face, but rather to simply benchmark the memorability of the Story scheme against that of Face to provide a qualitative and relative comparison between the two.

Figure 7 shows the percentage of successful logins versus the amount of time since the password was initially established, and Figure 8 shows the percentage of successful logins versus the time since that user's last login attempt. Each figure includes one plot for Face and one plot for Story. A trend that emerges is that while memorability of both schemes is strong, Story passwords appear to be somewhat harder to remember than Face. We do not find this to be surprising, since previous studies have shown Face to have a high degree of memorability.

Figure 7: Memorability versus time since password change. Each data point represents the average of 100 login attempts.

Figure 8: Memorability versus time since last login attempt. Each data point represents the average of 90 login attempts.

One potential reason for users' relative difficulty in remembering their Story passwords is that apparently few of them actually chose stories, despite our suggestion to do so. Nearly 50% of Story users reported choosing no story whatsoever in their exit surveys. Rather, these users employed a variety of alternative strategies, such as picking four pleasing pictures and then trying to memorize the order in which they picked them. Not surprisingly, this contributed very significantly to incorrect password entries due to misordering their selections. For example, of the 236 incorrect password entries in Story, over 75% of them consisted of the correct images selected in an incorrect order. This is also supported anecdotally by several of the exit surveys:

"I had no problem remembering the four pictures, but I could not remember the original order."

"No story, though having one may have helped to remember the order of the pictures better."

"... but the third try I found a sequence that I could remember. fish-woman-girl-corn, I would screw up the fish and corn order 50% of the time, but I knew they were the pictures."

As such, it seems advisable in constructing graphical password schemes to avoid having users remember an ordering of images. For example, we expect that a selection of $k$ images, each from a distinct set of $n$ images (as in the Face scheme, though with image categories not necessarily of only persons), will generally be more memorable than an ordered selection of $k$ images from one set. If a scheme does rely on users remembering an ordering, then the importance of the story should be reiterated to users, since if the sequence of images has some semantic meaning then it is more likely that the password is memorable (assuming that the sequences are not too long [21]).
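An added example (not from the paper): one way to reproduce the misordering measurement above from a login log, and to size the password space of the designs compared in this paragraph. The user names, image labels, log records and the set size n = 9 are constructed assumptions, as is treating the ordered scheme as a choice without repeated images.

```python
from collections import Counter
from math import comb, perm

def classify_attempt(enrolled, attempt):
    """Return 'success', 'misordered' (right images, wrong order) or 'wrong_images'."""
    enrolled, attempt = tuple(enrolled), tuple(attempt)
    if attempt == enrolled:
        return "success"
    if Counter(attempt) == Counter(enrolled):
        return "misordered"
    return "wrong_images"

def failure_breakdown(enrolled_by_user, attempts):
    """Tally outcomes over (user, attempt) records; also return the
    fraction of failed attempts that were pure misorderings."""
    tally = Counter(classify_attempt(enrolled_by_user[u], a) for u, a in attempts)
    failures = tally["misordered"] + tally["wrong_images"]
    share = tally["misordered"] / failures if failures else 0.0
    return tally, share

def password_space(n, k):
    """Theoretical number of distinct passwords per design."""
    return {
        # ordered choice of k images from one set of n (assumes no repeats)
        "ordered_one_set": perm(n, k),
        # for comparison only: same set, order ignored at verification
        "unordered_one_set": comb(n, k),
        # one image from each of k distinct sets of n (Face-like layout)
        "one_per_distinct_set": n ** k,
    }

# Constructed sample data, not taken from the study.
ENROLLED = {"u1": ("fish", "woman", "girl", "corn"),
            "u2": ("car", "dog", "tree", "cup")}
ATTEMPTS = [
    ("u1", ("fish", "woman", "girl", "corn")),   # correct
    ("u1", ("corn", "woman", "girl", "fish")),   # right images, wrong order
    ("u1", ("fish", "girl", "woman", "corn")),   # right images, wrong order
    ("u2", ("car", "dog", "tree", "cat")),       # one wrong image
    ("u2", ("dog", "car", "tree", "cup")),       # right images, wrong order
]

if __name__ == "__main__":
    tally, share = failure_breakdown(ENROLLED, ATTEMPTS)
    print(dict(tally), f"misordered share of failures: {share:.0%}")
    print(password_space(n=9, k=4))  # n=9 is an assumed set size
```

With these assumed parameters, choosing one image from each of several distinct sets removes the ordering burden without shrinking the theoretical space, whereas simply ignoring order within a single set shrinks it sharply.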

