Towards enhancing click-draw based graphical passwords using multi-touch behaviours on smartphones

Graphical passwords (GPs) are recognised as one of the potential alternatives in addressing the limitations in conventional text-based password authentication. With the rapid development of mobile devices (i.e., the increase of computing power), GP-based systems have already been implemented not only on PCs, but also on smartphones to authenticate legitimate users and detect impostors. However, as compared to common computers, we identify that users are able to perform some distinct actions like multi-touch on smartphones. The multi-touch is a distinguished feature on current smartphones and its impact on graphical password creation is an important topic in the literature. In this paper, our interest is to investigate the influence of multi-touch behaviours on users' habit in creating graphical passwords, especially on click-draw based GPs (shortly ) on mobile devices. In the evaluation, we develop a multi-touch enabled CD-GPS on smartphones and conduct two major experiments with a total of 90 participants. The study results indicate that participants are more likely to use multi-touch features to create their secrets, and multi-touch can make a positive impact on creating graphical passwords (i.e., offering higher success rates and less time consumption).