Method, system and media for authenticating a subject as a user. Embodiments generate visual stories specific to the user and for which the subject must select the corresponding images from among a plurality of decoy images. Gaze tracking can be used to determine which images the user has selected without allowing an observer to learn which images have been selected. Images for the visual story can be retrieved from the user's social networking profile, and corresponding text storied generated to indicate which images should be selected. Multiple security levels are possible by varying the number of story images and decoy images.
展开▼