Recall-based Graphical Passwords

Recall-based Passwords

Graphical password schemes based on recall require users to reproduce something that was created earlier during registration. Draw-A-Secret (DAS) was the first such system proposed. The authentication process consists of an N x N grid on which the user draws their password using a stylus or a mouse. Dunphy and Yan considered DAS to be a system worthy of extensive study for a couple of reasons. First, DAS has a theoretical password space which is larger than that of text passwords. Second, it is not restricted to user authentication but can be used for key generation as well.

Various studies have been conducted on this system; however, to date DAS has only been tested through paper prototypes. As such, little can be said on its usability or practical security due to this lack of implementation and suitable user studies .