DynaHand: Observation-resistant recognition-based web authentication

Authentication in a Web environment is severely constrained by a minimal expectation of an infrastructure made up of software, hardware, and operator expertise. The traditional mechanism, passwords, is outliving its usefulness in the Web arena. This article presents results from a field test of a graphical authentication system called DynaHand, which utilizes biometrics, i.e. human handwriting recognition, in a graphical authentication mechanism. We also present a tool that supports the analysis of errors evidenced during the authentication process, making it possible to classify failed attempts as either due to genuine user error or failed intrusions. In the case of the former, the tool helps to reduce the occurrence of such genuine errors by identifying distractor images that could potentially cause confusion due to their similarity to target images.