Although entering user name and textual password are a major method for user authentication, it is not easy for humans to memorize secure passwords such as long and random strings. Therefore, several authentication methods using images have been proposed for reducing the load of memorization. Although graphical passwords are easy to memorize, they are vulnerable against an observation attack. To solve this problem, we propose a graphical password method which is difficult for observers to recognize pass-images. We utilized discrete wavelet transform to blend a pass-image and a decoy image. In this paper, we conduct a user study about usability and robustness against shoulder-surfing by comparing our method with other methods.
展开▼