JCSE, vol. 14, no. 4, pp.163-185, 2020

DOI: http://dx.doi.org/10.5626/JCSE.2020.14.4.163

A Systematic Literature Review of Graphical Password Schemes

Tahmina Islam Shammee, Taslima Akter, Muthmainna Mou, Farida Chowdhury, and Md Sadek Ferdous
Department of Computer Science and Engineering, Shahajalal University of Science and Technology, Sylhet, Bangladesh

Abstract: Graphical passwords are an alternative to traditional alphanumeric passwords and can similarly be used to secure online accounts. The widely used alphanumeric passwords have memorability issues and users often find it difficult to memorize a large number of unique passwords. Since 1996, researchers have implemented different graphical password schemes (GPSs) to address such security and usability issues. There are a wide variety of such schemes available. To initiate a study in this domain, it is necessary for a researcher to have a good understanding of the existing research. There are a number of existing review articles, but no systematic literature review (SLR). Additionally, the existing reviews have not covered recent papers. This paper aims to fill in these gaps by reviewing existing GPSs, and intends to address their contributions, limitations, the contexts in which they are used, and the relevant algorithms/techniques. To this end, we conducted an SLR of empirical studies on a number of GPSs published from 1996 to 2019. This article also identifies the security threats that the reviewed schemes are resilient against. A number of schemes have been found to have greater resiliency against different attacks, but not a single scheme is completely resistant to all known attacks.

Keyword: Graphical password; Authentication; Recognition scheme; Recall schemes; Cued-recall scheme; Hybrid scheme; Security

Full Paper:   144 Downloads, 1345 View