Graphical passwords as browser extension: Implementation and usability study

Kemal Bicakci, Mustafa Yuceel, Burak Erdeniz, Hakan Gurbaslar, Nart Bedin Atalay

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

8 Citations (Scopus)


Today, most Internet applications still establish user authentication with traditional text based passwords. Designing a secure as well as a user friendly password-based method has been on the agenda of security researchers for a long time. On one hand, there are password manager programs which facilitate generating site-specific strong passwords from a single user password to eliminate the memory burden due to multiple passwords. On the other hand, there are studies exploring the viability of graphical passwords as a more secure and user-friendly alternative. In this paper, we present GPEX, a password manager program implemented as a web browser plug-in to enable using graphical passwords to secure Internet applications without any need to change their authentication interface. Experimental results show that GPEX has security and usability advantages over other password manager plug-ins. specifically; we find that with the visual interface of GPEX, users have a more complete and accurate mental model of the system and incorrect login attempts causing security exposures can easily be avoided.

Original languageEnglish
Title of host publicationTrust Management III - 3rd IFIP WG 11.11 International Conference, IFIPTM 2009, Proceedings
EditorsElena Ferrari, Ninghui Li, Elisa Bertino, Yuecel Karabulut
PublisherSpringer New York LLC
Number of pages15
ISBN (Print)9783642020551
Publication statusPublished - 2009
Externally publishedYes
Event3rd IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2009 - West Lafayette, United States
Duration: 15 Jun 200919 Jun 2009

Publication series

NameIFIP Advances in Information and Communication Technology
ISSN (Print)1868-4238
ISSN (Electronic)1868-422X


Conference3rd IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2009
Country/TerritoryUnited States
CityWest Lafayette

Bibliographical note

Publisher Copyright:
© IFIP International Federation for Information Processing 2009.


This research is supported by TUBİTAK (The Scientific and Technological Research Council of Turkey) under project number 107E227.

FundersFunder number
Türkiye Bilimsel ve Teknolojik Araştirma Kurumu107E227


    • Authe ntication
    • Graphical password
    • Password manager
    • Usable security


    Dive into the research topics of 'Graphical passwords as browser extension: Implementation and usability study'. Together they form a unique fingerprint.

    Cite this