<mosaic.cnfolio.com>

Weekly project updates



During this week i have completed the project build phase that deals with php registration code i.e the code to register users to my site.. now the hypothesis and questions that is
presented during the final version of preliminary report is being revised for further correction and presenting a good questions to test the system.


this is a sample code

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en-US" xmlns="http://www.w3.org/1999/xhtml"><head profile="http://gmpg.org/xfn/11">


	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
	<title>Image based authentication :: Register</title>
	<link rel="stylesheet"  href="d_files/style.css" type="text/css" media="screen">
	
	<script type="text/javascript">
	     function validateMyForm(myfrm){
	            if (myfrm.FirstName.value == "")
	            {
	                    alert ("Please fill the firts name field");
						 return false;

	            }
				 if (myfrm.LastName.value == "")
	            {
	                    alert ("Please fill the last name field");
						 return false;

	            }
				 if (myfrm.Email.value == "")
	            {
	                    alert ("Please fill the email field");
						 return false;

	            }
				 if (myfrm.UserName.value == "")
	            {
	                    alert ("Please fill the UserName field");
						 return false;

	            }
	    }
 
</script>
<!-- /all in one seo pack -->
</head><body>



<div id="wrapper">
<div id="bg">
<div id="masthead"><!-- End of Utilities -->
</div><!-- End of Masthead --><!-- End Primary Navigation -->


<div id="secondary-nav">
	<ul class="secondary-nav">
		
	    <li class="cat-item current-cat"><a >Image based authentication</a></li>
	    	
	<li class="cat-item cat-item-215"><a  href="hpage1.php">Home</a>
</li>
	<li class="cat-item cat-item-165"><a  href="log.php">
	Login</a>
</li>
	<li class="cat-item cat-item-253"><a >The survey</a>
</li>
	<li class="cat-item cat-item-162"><a >
	Presentation</a>
</li>
	<li class="cat-item cat-item-280"><a >Help</a>
</li>
	
	</ul>
</div><!-- End Secondary Navigation -->

<div id="content" class="single"><!-- End Primary Content --> 
<?php

echo '<form method="post"  action="verify2.php" name="myfrm"  onSubmit="return validateMyForm(this)">';

echo "<table border='0' cellpadding='0' cellspacing='2'>\n";
echo "<tr>\n";
echo "<td>";
echo"<font color='#248bd6'>First name</font></td><td>";

  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"<input type='text' name='FirstName' ></td>";
  
echo"</p>";
echo "</tr>\n";

echo "<tr>\n";

echo "</tr>\n";

echo "<tr>\n";

echo "</tr>\n";

echo "<tr>\n";
echo "<td>";
echo"<font color='#248bd6'>Last name</font></td><td>";


  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  
  echo"<input type='text' name='LastName' ></td>";
  
echo"</p>";
echo "</tr>\n";

echo "<tr>\n";

echo "</tr>\n";

echo "<tr>\n";

echo "</tr>\n";

echo "<tr>\n";
echo "<td>";

echo"<font color='#248bd6'>Email</font></td><td>";

  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  

  echo"<input type='text' name='Email'> </td>";
  
echo"</p>";
echo "</tr>\n";
echo "<tr>\n";

echo "</tr>\n";

echo "<tr>\n";

echo "</tr>\n";


echo "<tr>\n";
echo "<td>";
echo"<font color='#248bd6'>User name</font></td><td>";


  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  

  echo"<input type='text' name='UserName' ></td>";
  
echo"</p>";
echo "</tr>\n";


echo "</table>\n";
 
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
////////////////////



$IMAGE_DIRECTORY = "index_files/";
 
 
$line = "";
$randomNumber= 0;
$imageFiles = array();
$fileName = "";
$x=0;
$total = 0;
$result_array = array();
$pics_per_row = 7;
if ($DIR = opendir($IMAGE_DIRECTORY)) {
	    while ($fileName = readdir($DIR)) {
	            if (is_dir($IMAGE_DIRECTORY . $fileName)) { continue; }
	            if (!preg_match("/\w/", $fileName)) { continue; }
	            if (preg_match("/\.gif$|\.jpg$|\.jpeg$/i",$fileName)) {
	                    $imageFiles[$x] = $fileName;
	                    $x+=1;
	            }
	    }
	    closedir($DIR);
 
	    if( count($imageFiles) > 0 ) {
	                    shuffle($imageFiles);
	            foreach($imageFiles as $field => $value) {
	                                    
	                    $thumb = '<img src="'.$IMAGE_DIRECTORY.$value.'" alt="'.$value.'"  height="110" width="110"/>';
	                    $result_array[] = '<td style="text-align:center;">'.
						
						                            '<input type="checkbox" name="thumb[]" value="'.((int)$value).'"/>'.
	                                               
	                                               $thumb.'</td>';

	                    $total++;
	            }
	            $counter = 0;
	            $output = '<table  ><tr>';
	            foreach($result_array as $cell) {
	                    if($counter == $pics_per_row) {
	                            $counter = 1;
	                            $output .= '</tr><tr>';
	                    } else
	                            $counter++;
 
	                    $output .= $cell;
	            }
	            // This is so that a blank cell isn't left if there were 2 <td> tags you need to add in colspan 2 (pics_per_row = 4)
	            if($counter < $pics_per_row) {
	                    $output .= '<td colspan="'.$pics_per_row - $counter.'"> </td>';
	            }
	            $output .= '</table></tr>';
	          echo $output.'<input type="submit" value="Save"></form>';

	    } else {
	            echo 'No files found';
	    }
} else {
	    echo 'There was a problem generating the gallery';
}


////////////////////////////////////////////////



?>



</div><!-- End of Wrapper -->



<!-- Dynamic page generated in 0.641 seconds. -->
<!-- Cached page generated by WP-Super-Cache on 2009-07-26 15:18:14 -->
<!-- super cache --></body></html>






During this week (10/07/2009) i have started in revising my survey questions that i have submitted in my
final preliminary report. i have chanced the style of questions and also some of the hypothesis. but it still need some help and revising to reach to a
good point in survey designing.

this is what i have done ( the questionnaire) and it is different from the first version.

The reason behind user selection of their pass image.

Which of the following image you prefer?
Unique images that have no similarities with other images?
Images that looks very similar to each other?

What was the reason for selecting your pass image?

Remind you of something that you can remember later
You have selected images that you are Interested in
You have selected your images randomly
Others?


Image features

Are you able to describe your images while:
Looking at them
Not looking at them

Or this style ??

When you are looking at your images, can you describe them ?
Agree natural disagree
Are you able to describe your images when you are not looking at them ?
Agree natural disagree

Based on the description of your pass images can others gain access to the system?
Agree natural disagree

Have you used any of the following tools to make it easy for you to remember your pass images
Print screen (with paint)
Camera
Other
Images are easy to recognize


Reasons of failure

If you failed in login to the system, is the reason for that:

The images at the registration stage were very similar to each other
Images are shown in different position than they were at the registration stage
You saw your images only one time when you were selecting them
It is difficult to remember 4 pass images
Others





Time consumption
At which of the following you consumed more time?

Deciding which images that you will use at Registration stage
Recognizing your images at the Login stage
Others.

Usability

Images used in the system were:
Interesting
Difficult to recognize (or remember)
4 pass images is too much and overloading your memory?
Fun to use

Which of the following authentication methods are easier to use?
User name and password
Image based authentication

Implementing image as an authentication system will:
Increase the security
Decrease the security
No effect


Which of the following authentication methods are faster to use?

Image based authentication
Text
Pin
Swipe cards







During this week ( week 17/07/2009 ) i have made some corrections to my code , that is adding more images , and deciding the style of the pages
and i have done all that. this is my code for login .
may be i will add more images in the future as now they are only 32.



<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en-US" xmlns="http://www.w3.org/1999/xhtml"><head profile="http://gmpg.org/xfn/11">


	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
	<title>Image based authentication :: Login</title>
	<link rel="stylesheet"  href="d_files/style.css" type="text/css" media="screen">
  

	
<meta name="generator" content="WordPress 2.8.1">


</head><body>



<div id="wrapper">
<div id="bg">
<div id="masthead"><!-- End of Utilities -->
</div><!-- End of Masthead --><!-- End Primary Navigation -->


<div id="secondary-nav">
	<ul class="secondary-nav">
		
	    <li class="cat-item current-cat"><a>Image based authentication</a></li>
	    	
	<li class="cat-item cat-item-215"><a  href="hpage1.php">Home</a>
</li>
	<li class="cat-item cat-item-165"><a  href="register.php">
	Register</a>
</li>
	<li class="cat-item cat-item-253"><a >The survey</a>
</li>
	<li class="cat-item cat-item-162"><a >
	Presentation</a>
</li>
	<li class="cat-item cat-item-280"><a >Help</a>
</li>
	
	</ul>
</div><!-- End Secondary Navigation -->

<div id="content" class="single"><!-- End Primary Content --> 
<?php

echo '<form method="post"  action="verify1.php" >';

echo "<table border='0' cellpadding='0' cellspacing='2'>\n";


echo "<tr>\n";
echo "<td>";
echo"<font color='#248bd6'>User name</font></td><td>";


  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  

  echo"<input type='text' name='UserName' ></td>";
  
echo"</p>";
echo "</tr>\n";


echo "</table>\n";
 
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
  echo"&nbsp;";
////////////////////



$IMAGE_DIRECTORY = "index_files/";
 
 
$line = "";
$randomNumber= 0;
$imageFiles = array();
$fileName = "";
$x=0;
$total = 0;
$result_array = array();
$pics_per_row = 7;
if ($DIR = opendir($IMAGE_DIRECTORY)) {
	    while ($fileName = readdir($DIR)) {
	            if (is_dir($IMAGE_DIRECTORY . $fileName)) { continue; }
	            if (!preg_match("/\w/", $fileName)) { continue; }
	            if (preg_match("/\.gif$|\.jpg$|\.jpeg$/i",$fileName)) {
	                    $imageFiles[$x] = $fileName;
	                    $x+=1;
	            }
	    }
	    closedir($DIR);
 
	    if( count($imageFiles) > 0 ) {
	                    shuffle($imageFiles);
	            foreach($imageFiles as $field => $value) {
	                                    
	                    $thumb = '<img src="'.$IMAGE_DIRECTORY.$value.'" alt="'.$value.'"  height="110" width="110"/>';
	                    $result_array[] = '<td style="text-align:center;">'.
						
						                            '<input type="checkbox" name="thumb[]" value="'.((int)$value).'"/>'.
	                                               
	                                               $thumb.'</td>';

	                    $total++;
	            }
	            $counter = 0;
	            $output = '<table  ><tr>';
	            foreach($result_array as $cell) {
	                    if($counter == $pics_per_row) {
	                            $counter = 1;
	                            $output .= '</tr><tr>';
	                    } else
	                            $counter++;
 
	                    $output .= $cell;
	            }
	            // This is so that a blank cell isn't left if there were 2 <td> tags you need to add in colspan 2 (pics_per_row = 4)
	            if($counter < $pics_per_row) {
	                    $output .= '<td colspan="'.$pics_per_row - $counter.'"> </td>';
	            }
	            $output .= '</table></tr>';
	          echo $output.'<input type="submit" value="Save"></form>';

	    } else {
	            echo 'No files found';
	    }
} else {
	    echo 'There was a problem generating the gallery';
}


////////////////////////////////////////////////



?>


and this is how is look like

DVD logo

and







This week (24/7/2209) i have completed the final version of my questionnaire and now im ready to start my survey

this is my final version


The reason behind users selection of pass images

Which of the following is the reason for selecting your images?

1- You like images that contain people faces.
2- You like images that contain city attractions.
3- You like images that contain nature.
4- You like images that contain animals.
5- The images remind you of something meaningful.
6- You have chosen your images randomly.



Which of the following has consumed your time?

1- Time taken to create a new password is longer than the time taken to select 4 images as a password.
2- Time taken to select 4 images is longer than time taken to create a new password.
3- Recognizing your images at login and register as well.
4- Remembering your password.




The reasons behind users failure
What do you think is the reason for your failure to login?

1- Images used in the system are similar to each other.
2- Images are shown in different position than they were at the registration page.
3- Remembering 4 images are too much and overloading your memory.
4- Other? Please specify.



System usability

Images used in the system were
1- Interesting.
2- Difficult to recognize.
3- Fun to use.
4- Easy to recognize.


Arrange the following authentication methods from faster to slower
1. Username and password.
2. Image based authentication.
3. Using bank card with the pin.
4. Swipe cards which is used to pass the gates.

Arrange the following authentication methods from easier to difficult
1. Image based authentication.
2. Username and password.
3. Using bank card with the pin.


Do you think the system that will use images as a password is
1- More secure.
2- Less secure.
3- No effect.

If you are succeeded in using the system which of the following is the reason?

1- The images used were easy to recognize.
2- You have a good memory.
3- You have used other tools that are helped you to remember images ( such as print screen or taking a picture to your images) .
4- You have chosen images that you are interested in.



In this week (31/07/2009) i have decided to make an experiment to test what is the results if i make users to hack the system.
in this experiment the users is divided into 2 groups. the first group is the original users, and the second group is the hacker users.
the first group will describe their images and will be asked questions about this experiment
than the second group will try to login using the first group description of their images.
it will be interested to know what is the result from this experiment.
comparing this to text based password system, this system users can easily login based on others telling them their password
but the results of this experiment will show this issues clearly.


1. survey questions for the original users


1. Based on your description do you think others can access to the system using your images?


yes
no


2. If others succeed to login using your images which of the following is the reason?

1. you described your images well.

2. images are easy to recognize.

3. 4 images are not enough for this system

4. other reasons?


3. If others fail to login to the system based on your description which of the following is the reason?

1. Images were difficult to recognize because they have some similarity.

2. You didn't describe your images well.

3. others?

3.What action you will do if others have succeeded to recognize your images?

1. choose hard to recognize images that have similarity with other images .

2. Increase the number of pass-images

3. others?



Part 2 the survey questions for the hacker users

1. If you have succeeded to login to the system which of the following is the reason?

1. The user description of images was complete and helpful.

2. The user has selected easy to recognize images .

3. You know wht the user is interested in.

4. others?.

2. If you have failed to login to the system which of the following is the reason?

1. The user description was not complete.

2. The user has selected difficult to recognize images.

3. Although the user description was good, it was difficult to recognize the images because there is some similarity.

4. others?

3. If you have succeeded in identifying app the images what is your suggestion?

1. choose more than 4 images as a password.

2. Adding images that have some similarity to the system .

3. The user should choose hard to expect images.

4. add other image subjects to the system ( like abstract art ).




In week (7/8/2009)

Initial Survery Research:

* Survey should not exceed 14 pages (P.80) This allows the survey to be sufficiently in-depth, without collecting too much information or putting the user off. If the user percieves the survey to take too much of their time,
it is entirely possible that they mey rush through the questions, harming the overall results.
* Question number should be sequential - even if the survey is divided into sections. (P.81)
* Print single-sided to facillitate notes by both parties (interviewer and interviewee) (P.81)
* If possible, align tick boxes against the margin of the page
* Ensure enough space is left for open-ended questions
* Highlight critical words or statements, but be sure that the correct word is highlighted, otherwise it would be easy to cause confusion. The table extracted from the power of survey design book shows this quite well:

* Avoid leading questions. These are questions which push a certain idea onto the user. The book quotes "Shouldn't something be done about..?" as an example.
The question implies that something should be done, which may or may not be the case (or indeed down to a matter of opinion). (P.36)
* Mitigate politeness bias. This is bias introduced when users feel inclied to answer a surver in a way which will please the interviewer. According to the book:


* Avoid loaded questions. That is, avoid questions which are likely to provoke an emotional response in the user. This point strikes me as rather hard to work with. (P.36)
* Avoid built-in assumptions. The book raises a point about assuming what the survey respondents may or may not know. This point is particularly
relevant to my project since it could be easy to begin to ask technical questions which the user may not know the answer to, or may not be able to give a qualified response.

The language that is used in the survey should be easy enough to the users to understand


* Use words and expressions which are simple and familliar to all respondants. This is a good point since there would be no point in writing a survey which only a portion of the respondants would understand. (Page 40 onwards)
* Avoid technical jargon or concepts which are only to familliar to those with specialised training. Again, this point is relevant to my survey since it would be easy to start questioning the user on matters which could be too technical.
* Avoid double negatives. Not only in the questions but in the answers too. For example, asking the user to answer agree or disagree to "I am not satisfied with my job?" would
cause a double negative response. ("I disagree that I am not satisfied with my job"). This can bias the responses to questions one way or another.
* Be specific. Ie avoid abbreviations where practical.


I have now started my survey , Firstly i have uploaded my site to

https://students.ee.port.ac.uk/ece80490/hpage1.php


and my survey questions link

http://www.surveymonkey.com/s.aspx?sm=Dk634PuG6sPeiSbWEzQk3g_3d_3d

I went to the university library and i have collected a good number of library staff and students as well
they helped me so much, it is a good experience to collect data about my project
i have enjoyed that. now i have about 38 participants
i will run the hack test in the next week in parallel with testing them if they are still able to recognize their images.


In Week (14/8/2007) i have started the survey second run and i have added some other questions
to find out the whether the user is still able to recognize their images well as the first run.
also it is important to see users opinion about time
consuming in register and login with image based authentication.
also it is important to find out the difference in users success or failure according to their ages.


In week 21/8/2009 the survey was finished and the data analysis phase was started below is the initial conclusions.

Conclusions:

1. Users choose image passwords in a way of creating a meaningful story.

2. Time taken to register with image based authentication is more than the time required to register with text based authentication.

3. Time taken to login with image based authentication is more than the time required to login with text based authentication.

4. Users found using image based authentication interesting and a fun experiment.


5 there is an increasing number of participants who think that image based authentication is faster than password system.

6 . the more experience the users have the faster they select new image passwords.

7. In recall based systems similar key inputs are not of major concern whereas they are of concern in recognition based systems.