Abstract or Summary:
Smartphones have emerged as a likely application area for graphical passwords, because they are easier to input on touchscreens than text passwords. Extensive research on graphical passwords and the capabilities of modern smartphones result in a complex design space for graphical password schemes on smartphones. We analyze and describe this design space in detail. In the process, we identify and highlight interrelations between usability and security characteristics, available design features, and smartphone capabilities. We further show the expressiveness and utility of the design space in the development of graphical passwords schemes by implementing five different existing graphical password schemes on one smartphone platform. We performed usability and shoulder surfing experiments with the implemented schemes to validate identified relations in the design space. From our results, we derive a number of helpful insights and guidelines for the design of graphical passwords.