Mobile devices such as smartphones and tablets are widely used to perform security-critical and privacy-sensitive activities, such as mobile banking, mobile health care, and mobile shopping. Screen locks are used in mobile devices to protect sensitive information. Graphical passwords and alphanumeric passwords are two common types of screen locking schemes. The alphanumeric password scheme has shown some security and usability drawbacks. For example, a user may pick an easy-to-remember alphanumeric password that may also be easy to guess. Conversely, if a user picks a password that is hard to guess, it may also be hard to remember. Several alternative password mechanisms have been introduced. The graphical password is one of them, and it is based on pictures or patterns. However, graphical passwords are also vulnerable to certain types of attack. In this paper, we study an alphanumeric password method (i.e., PIN) and a graphical password method (i.e., pattern) in order to unravel security and usability issues related to mobile device authentication. The study uses observation and survey data to compare these two authentication methods on the following criteria: creation time, memorability, login time, and login success rate. In addition, we measure how the screen size of a mobile device affects the usability and security aspects of screen locks by measuring differences in creation time, memorability, login time, and login success rate for an Android smartphone and tablet.