The Homepage of Nis Bornoe

Graphical passwords

Page updated: June 21, 2020


The most dominant authentication method is alphanumeric passwords used in different forms in all sorts of systems and devices. An alternative authentication scheme is graphical passwords (also known as graphical user authentication and visual login). The central concept behind graphical passwords is that the classic alphanumeric password recall is switched with picture recognition or reproduction. Instead of recalling a password, the user has to recognize a picture, objects in an image, or reproduce a figure to authenticate.

There is a famous saying "A Picture is Worth a Thousand Words", indicating that complex messages and stories that require a lot of text can be described through a single picture. This is one way to describe graphical passwords. They can be very complex compared to, for example, a single word, yet they provide a story and impression that makes them personal and easy to remember. The idea behind graphical passwords is to provide an authentication scheme that provides strong protection and yet is easy and effective to use. Graphical passwords are somehow a new way of thinking passwords in the sense that they open the possibility of recognition based authentication as opposed to recall schemes. The purpose of graphical passwords has the same purpose as regular alphanumeric passwords: to authenticate the user. That is the sole yet important goal of all password schemes. They are an approach to authenticate a given user in a given system but, at the same time, make the authentication process user-centered without lacking on the strength of the protection.

Graphical passwords do not provide more technically secured systems. With the current graphical authentication schemes all underlying authentication methods, will stay the same. The use of graphical passwords is only a change of the user interface and the way the user interacts with a given system. The interaction with the authentication method is just as important as the actual technical implementation of a given authentication method. This point of view has been proven by history. The developers developing the interface and the developers developing the underlying security structures do not have to, and probably should not be the same.

A disadvantage of graphical passwords is that they require a graphical user interface. Much work is still conducted in text-based command prompts and there is no indication that text-based interaction will disappear within the near future. In case of system errors, the graphical interface might not be able to start and often the problem can only be fixed from a text-based command prompt. Unless no authentication is required for this stage the user will also have to have an alphanumeric password.

In today´s world of information, graphical passwords are close to non-existent in all production environments. Of the closest we get to graphical passwords in production environments are graphics used for confirmation. For example, in some online banking systems, the user is allowed to choose a picture. If that picture is not presented when the user logs in, it means the user might not be logged into the system they were supposed to, and they could be victims of, for example, a phishing attack. User chosen text phrases can also be used for this kind of confirmation.

Graphical passwords are not a security "silver bullet", but a possible alternative for usable yet secure authentication. Several problems have already been recognized. For example, some studies comparing text-based passwords and graphical passwords have shown that login time increases when using graphical passwords. An obvious problem with graphical passwords is that they require a graphical user interface. Much work is still done in text-based command prompts, and there is no indication that text-based command prompts will disappear within the near future.

Graphical password schemes

Suo et al. (2005) divides the different graphical password schemes into two different categories: recognition and recall. I will in this section describe different schemes. More exists but the following are the most studied and descriptive regarding ideas of different schemes.


Recognition based graphical passwords can be further divided into two concepts. One concept is that the user needs to choose a subset (K) of pictures from a set or pool (N) of pictures were N > K. The user then has to recognize the pictures, sometimes in a specific order. One login process is to present the user with a sequence of displays or challenge screens. On each challenge screen the user has to click the pass picture. Another login process is to present a single challenge screen containing a mix of pass and decoy pictures were the user has to choose all pass pictures. In the other concept only a single picture is used. The password consists of different points or areas within the picture. The user has to click the sequence of points. Depending on the specific scheme the points can either be predefined or user chosen.


Graphical passwords based on the idea of recall are theoretically like alphanumeric passwords in the sense that the user has to reproduce a figure that is matched against a figure known by the system.