Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Picture Password: A Visual Login Technique for Mobile Devices

Published

Author(s)

Wayne Jansen, Serban I. Gavrila, Vladimir Korolev, Richard P. Ayers, Ryan Swanstrom

Abstract

Adequate user authentication is a persistent problem, particularly with handheld devices, which tend to be highly personal and at the fringes of an organization's influence. Yet, these devices are being used increasingly in corporate settings where they pose a security risk, not only by containing sensitive information, but also by providing the means to access such information over wireless network interfaces. User authentication is the first line of defense against a lost or stolen PDA. However, motivating users to enable simple PIN or password mechanisms and periodically update their authentication information is a constant struggle. This paper describes a means to authenticate a user to a PDA using a visual login technique called Picture Password. The underlying rationale is that a method for login based on visual image selection is an easy and natural way for users to authenticate, removing the most serious barriers to users' compliance with corporate policy. While the technique was designed specifically for handheld devices, it is also suitable for notebooks, workstations, and other computational devices.
Citation
NIST Interagency/Internal Report (NISTIR) - 7030
Report Number
7030

Keywords

authentication, handheld devices, mobile devices, PDA, Personal Digital Assistant, visual login
Created July 1, 2003, Updated November 10, 2018