{"id":"https://openalex.org/W2160828020","doi":"https://doi.org/10.1145/1837110.1837114","title":"A closer look at recognition-based graphical passwords on mobile devices","display_name":"A closer look at recognition-based graphical passwords on mobile devices","publication_year":2010,"publication_date":"2010-07-14","ids":{"openalex":"https://openalex.org/W2160828020","doi":"https://doi.org/10.1145/1837110.1837114","mag":"2160828020"},"language":"en","primary_location":{"id":"doi:10.1145/1837110.1837114","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1837110.1837114","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Sixth Symposium on Usable Privacy and Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5087540543","display_name":"Paul Dunphy","orcid":null},"institutions":[{"id":"https://openalex.org/I84884186","display_name":"Newcastle University","ror":"https://ror.org/01kj2bm70","country_code":"GB","type":"education","lineage":["https://openalex.org/I84884186"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Paul Dunphy","raw_affiliation_strings":["Newcastle University, Newcastle upon-Tyne, UK"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Newcastle University, Newcastle upon-Tyne, UK","institution_ids":["https://openalex.org/I84884186"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5110271762","display_name":"Andreas P. Heiner","orcid":null},"institutions":[{"id":"https://openalex.org/I2738502077","display_name":"Nokia (Finland)","ror":"https://ror.org/04pkc8m17","country_code":"FI","type":"company","lineage":["https://openalex.org/I2738502077"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Andreas P. Heiner","raw_affiliation_strings":["Nokia Research Center, Helsinki, Finland"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Nokia Research Center, Helsinki, Finland","institution_ids":["https://openalex.org/I2738502077"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5016685507","display_name":"N. Asokan","orcid":"https://orcid.org/0000-0002-5093-9871"},"institutions":[{"id":"https://openalex.org/I2738502077","display_name":"Nokia (Finland)","ror":"https://ror.org/04pkc8m17","country_code":"FI","type":"company","lineage":["https://openalex.org/I2738502077"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"N. Asokan","raw_affiliation_strings":["Nokia Research Center, Helsinki, Finland"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Nokia Research Center, Helsinki, Finland","institution_ids":["https://openalex.org/I2738502077"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":32.1132,"has_fulltext":false,"cited_by_count":119,"citation_normalized_percentile":{"value":0.99584613,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"12"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9952999949455261,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10828","display_name":"Biometric Identification and Security","score":0.9922999739646912,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.866011381149292},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7700307369232178},{"id":"https://openalex.org/keywords/alphanumeric","display_name":"Alphanumeric","score":0.748215913772583},{"id":"https://openalex.org/keywords/login","display_name":"Login","score":0.6377925276756287},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5955003499984741},{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.4932019114494324},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.486640065908432},{"id":"https://openalex.org/keywords/cognitive-password","display_name":"Cognitive password","score":0.4306245446205139},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.4237344264984131},{"id":"https://openalex.org/keywords/entropy","display_name":"Entropy (arrow of time)","score":0.41701966524124146},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.4112253785133362},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3307077884674072},{"id":"https://openalex.org/keywords/password-policy","display_name":"Password policy","score":0.31260257959365845},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.21548917889595032},{"id":"https://openalex.org/keywords/one-time-password","display_name":"One-time password","score":0.13395950198173523},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.10338646173477173}],"concepts":[{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.866011381149292},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7700307369232178},{"id":"https://openalex.org/C2781003394","wikidata":"https://www.wikidata.org/wiki/Q737372","display_name":"Alphanumeric","level":2,"score":0.748215913772583},{"id":"https://openalex.org/C113324615","wikidata":"https://www.wikidata.org/wiki/Q472302","display_name":"Login","level":2,"score":0.6377925276756287},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5955003499984741},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.4932019114494324},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.486640065908432},{"id":"https://openalex.org/C23875713","wikidata":"https://www.wikidata.org/wiki/Q5141232","display_name":"Cognitive password","level":5,"score":0.4306245446205139},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.4237344264984131},{"id":"https://openalex.org/C106301342","wikidata":"https://www.wikidata.org/wiki/Q4117933","display_name":"Entropy (arrow of time)","level":2,"score":0.41701966524124146},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.4112253785133362},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3307077884674072},{"id":"https://openalex.org/C98705547","wikidata":"https://www.wikidata.org/wiki/Q3394687","display_name":"Password policy","level":4,"score":0.31260257959365845},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.21548917889595032},{"id":"https://openalex.org/C89479133","wikidata":"https://www.wikidata.org/wiki/Q1137840","display_name":"One-time password","level":3,"score":0.13395950198173523},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.10338646173477173},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/1837110.1837114","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1837110.1837114","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Sixth Symposium on Usable Privacy and Security","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.363.1255","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.363.1255","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://cups.cs.cmu.edu/soups/2010/proceedings/a3_dunphy.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":40,"referenced_works":["https://openalex.org/W128619364","https://openalex.org/W1485033854","https://openalex.org/W1498527206","https://openalex.org/W1498877407","https://openalex.org/W1500396425","https://openalex.org/W1503108337","https://openalex.org/W1505010935","https://openalex.org/W1535782774","https://openalex.org/W1582830784","https://openalex.org/W1921097329","https://openalex.org/W1978075813","https://openalex.org/W1980384741","https://openalex.org/W2013068849","https://openalex.org/W2018926393","https://openalex.org/W2019017059","https://openalex.org/W2046378201","https://openalex.org/W2062088615","https://openalex.org/W2069958295","https://openalex.org/W2074387480","https://openalex.org/W2098112891","https://openalex.org/W2109868644","https://openalex.org/W2110495618","https://openalex.org/W2112767991","https://openalex.org/W2115218409","https://openalex.org/W2122739475","https://openalex.org/W2129347810","https://openalex.org/W2131605659","https://openalex.org/W2136781735","https://openalex.org/W2145023731","https://openalex.org/W2151600711","https://openalex.org/W2155167373","https://openalex.org/W2161032904","https://openalex.org/W2165965940","https://openalex.org/W2166689265","https://openalex.org/W2168549506","https://openalex.org/W2168969969","https://openalex.org/W2169257305","https://openalex.org/W2171133282","https://openalex.org/W3004199071","https://openalex.org/W6773280455"],"related_works":["https://openalex.org/W2183044514","https://openalex.org/W2596869006","https://openalex.org/W2115218409","https://openalex.org/W2969720675","https://openalex.org/W2048203748","https://openalex.org/W165936246","https://openalex.org/W2090949570","https://openalex.org/W2165646781","https://openalex.org/W2896976260","https://openalex.org/W1429263365"],"abstract_inverted_index":{"Graphical":[0],"password":[1],"systems":[2],"based":[3,23],"on":[4,15,24,68,173],"the":[5,62,83,115,129,174,210],"recognition":[6],"of":[7,64,79,85,128,168,177,188,197],"photographs":[8],"are":[9],"candidates":[10],"to":[11,49,55,76,95,102,114,148,195],"alleviate":[12],"current":[13],"over-reliance":[14],"alphanumeric":[16],"passwords":[17],"and":[18,29,43,61,99,137,158,204],"PINs.":[19],"However,":[20],"despite":[21],"being":[22,71],"a":[25,52,89,162,189,198],"simple":[26,112],"concept":[27],"--":[28,37,88],"user":[30],"evaluations":[31],"consistently":[32],"reporting":[33],"impressive":[34],"memory":[35],"retention":[36],"only":[38],"one":[39],"commercial":[40],"example":[41],"exists":[42],"overall":[44],"take-up":[45],"is":[46,75],"low.":[47],"Barriers":[48],"uptake":[50],"include":[51],"perceived":[53],"vulnerability":[54],"observation":[56],"attacks;":[57],"issues":[58,81],"regarding":[59],"deployability;":[60],"impact":[63],"innocuous":[65],"design":[66],"decisions":[67],"security":[69],"not":[70],"formalized.":[72],"Our":[73],"contribution":[74],"dissect":[77],"each":[78],"these":[80],"in":[82,122,161],"context":[84,164],"mobile":[86],"devices":[87,176],"particularly":[90],"suitable":[91],"application":[92],"domain":[93],"due":[94],"their":[96],"increasing":[97],"significance,":[98],"high":[100,190],"potential":[101],"attract":[103],"unauthorized":[104],"access.":[105],"This":[106],"produces:":[107],"1)":[108],"A":[109,141],"novel":[110],"yet":[111],"solution":[113],"intersection":[116],"attack":[117],"that":[118,133],"permits":[119],"greater":[120],"variability":[121],"login":[123,205],"challenges;":[124],"2)":[125],"Detailed":[126],"analysis":[127],"shoulder":[130],"surfing":[131],"threat":[132],"considers":[134],"both":[135],"simulated":[136],"human":[138],"testing;":[139],"3)":[140],"first":[142],"look":[143],"at":[144,202],"image":[145],"processing":[146],"techniques":[147],"contribute":[149],"towards":[150],"automated":[151],"photograph":[152],"filtering.":[153],"We":[154],"operationalize":[155],"our":[156],"observations":[157],"gather":[159],"data":[160],"field":[163],"where":[165],"decentralized":[166],"mechanisms":[167],"varying":[169],"entropy":[170,191,200],"were":[171,193],"installed":[172],"personal":[175],"participants.":[178],"Across":[179],"two":[180],"working":[181],"weeks":[182],"success":[183],"rates":[184],"collected":[185],"from":[186],"users":[187],"version":[192,201],"similar":[194],"those":[196],"low":[199],"77%,":[203],"durations":[206],"decreased":[207],"significantly":[208],"across":[209],"study.":[211]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":3},{"year":2019,"cited_by_count":6},{"year":2018,"cited_by_count":11},{"year":2017,"cited_by_count":5},{"year":2016,"cited_by_count":11},{"year":2015,"cited_by_count":12},{"year":2014,"cited_by_count":12},{"year":2013,"cited_by_count":18},{"year":2012,"cited_by_count":20}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}