An experimental comparison of secret-based user authentication technologies

The paper presents a comparative study of software-based user authentication techniques, contrasting the use of traditional password and Personal Identifier Numbers against alternative methods involving question and answer responses and graphical representation. All methods share the common basis of some secret knowledge and rely upon the users ability to recall it in order to achieve authentication. An experimental trial is described, along with the results based upon 27 participants. The alternative methods are assessed in terms of practical effectiveness (in this context relating to the participant’s ability to authenticate themselves a significant time after initial use of the methods), as well as the perceived levels of user friendliness and security that they provide. The investigation concludes that while passwords and PIN approaches garner good ratings on the basis of their existing familiarity to the participants, other methods based upon image recall and cognitive questions also achieved sufficiently positive results to suggest them as viable alternatives in certain contexts.