The ubiquitous use of alphanumerical passwords to control access to computing devices poses a dilemma for most users: a simple, convenient scheme risks unauthorized access, while a more sophisticated but also more cumbersome scheme improves security. At one extreme are users who use a single, simple password for multiple accounts, while at the other are those with password managers, single-use passwords in combination with secondary communication channels, or sophisticated password generation schemes.

This paper examines the use of passwords for computer users older than 60. Many of those users prefer simple password schemes, and often rely on writing them down, with the obvious dangers associated with these practices. An interesting alternative to text or numerical personal identification numbers (PINs) is the use of image-based techniques. Here, users select a sequence of images from a set displayed on the screen.

The author suggests a variation of previous image-based solutions by letting users select personally meaningful images to set as the password, and identifying those images in the correct sequence from a larger set displayed on the screen. Implemented carefully, the entropy is similar to textual passwords with comparable characteristics (set of symbols/images, length of the sequence). Initial experiments conducted with users from the target audience confirmed the practicality and usability of the scheme, and a follow-up study will expand the group of participants and investigate related aspects.

The method of using personally meaningful images instead of text or PINs looks promising for older users, and may be an attractive alternative for computer users in general. One crucial question is how to curate a pool of images that contains enough candidates with meaningful associations for individuals while avoiding clues that could be used to break this personal internal secret key.