Will Graphical Passwords Be More Secure Online Than the Text Password?
Have you heard of graphical passwords? They're all the rage right now. It's no secret that most people suck at creating written passwords. According to SplashData, the most used password is, well, "password". That should tell you just how bad most people are at making up new passwords. It's no surprise security researchers have been trying to create a new type of password that's a bit simpler for the average user, yet just as effective.
Now, you may be wondering "Why re-invent the wheel?" Well, you see the alphabet, while probably one of the most important creations in human history, isn't really the most natural thing for us. We've evolved for image and pattern recognition, not to remember writing. Human intelligence is unarguably linked to pattern recognition as you can easily see on IQ tests. Smart people are able to spot different types of patterns and then visualize them into actionable steps. Essentially, being intelligent is a matter of being able to remember more patterns than other people.
That's why we teach children with images instead of with words. Our brains are better equipped with to deal with images than with abstract concepts like written words. Back in the 80s and 90s when dinosaurs roamed the Earth it made sense to use written characters as passwords. The technology was simply too limited for anything else, but these days we have powerful computer screens, TVs, mobile phones, tablets, and all kinds of other devices that can display every image you can think off. This is where graphical passwords come in.
What are graphical passwords?
I'm so glad you asked. SemanticLock, a paper written by Ilesanmi Olade, explains the concept in detail. Basically, the idea is that instead of arranging a bunch of characters in ways that are difficult to remember or guess the user could instead arrange a group of images to tell a story that holds some meaning to them. So instead of writing "password" or "123456", you could arrange a group of images instead. Today's smartphones have screens large enough to display dozens of icons at a time.
Graphical passwords have been in development for close to a decade now, but what separates Ilesanmi Olade's concept from the rest is the idea of telling a story with the images, which works in sync with the way our brains do pattern recognition.
Graphical passwords are still only in the concept stage, however. It will take time to fully develop the idea and apply on a large scale, but the concept itself is already in use. We already use something similar to graphical passwords with pattern-based unlock screens on our phones. They're easier than PINs and much harder to crack, so that shows the idea of graphical passwords has merit. However, pattern-based unlock methods are vulnerable to the so-called smudge attacks, which rely on the trails of our fingers on the screen to guess the pattern, so be sure to keep your screen clean.
SemanticLock ran tests on pattern-based, PINs, and story-based passwords. The results were that while pattern-based passwords were quickest, they also had a higher rate of errors than PIN codes. More importantly, however, graphical story-based passwords were the easiest to remember with only 10 percent of test subject forgetting their passwords.