Beautiful secrets: using aesthetic images to authenticate users
We propose and evaluate an authentication scheme that improves usability and user experience issues in the authentication process due to its reliance on people's aesthetic tastes and preferences. The scheme uses aesthetic images to verify the identity of computer users. It relies on three major premises regarding visual aesthetics: (i) that an individual has different preferences for different aesthetic stimuli; (ii) that these preferences are relatively consistent; and (iii) that aesthetic tastes are subjective and, therefore, there are considerable individual differences in aesthetic preferences. Following a review of the scientific basis for these premises, we describe the concept of the aesthetic evaluation-based authentication (AEbA) method and illustrate an implementation of it. We address AEbA's advantages and disadvantages relative to other related methods and conclude that it is adequate for low-to-medium security domains. It cannot serve as a compulsory method because we suspect that a certain portion of the user population lacks the degree of aesthetic sensitivity required to use the system effectively. On the plus side, the method offers a positive experience. It alleviates the burden of memorizing passwords to a minimum, and relative to other usability-oriented schemes provides better security in terms of shoulder-surfing, phishing, and password space. Finally, we report on a pilot evaluation of the concept and its feasibility that supports the method's main tenets, provides insights about implementation challenges and suggestions for improvements.