UIPA: User authentication method based on user interface preferences for account recovery process

Because of the global increment of various computer implementation, the usage of the internet has increased significantly. This phenomenon has mainly contributed to the growing usage of the World Wide Web, which is considered as one of the inventions in computer technology that changed the modes of human communication and exchange of information. As new work tools, an increasing number of people are using online systems. Accordingly, user authentication has become a significant issue in the online environment. The traditional password is still the most common means to verify user identity. However, strong passwords are sometimes difficult to remember, and thus a recovery procedure is needed. It can be said that the majority of online systems apply different methods of recovery, such as using challenging questions besides the out-of-band communication (i.e., email or SMS). Nevertheless, these approaches are still suffering from security and usability problems. This study therefore proposes a novel authentication method based on user interface (UI) preferences, called the User Interface Preferences Authentication (UIPA). This method can be applied with online systems that offer UI designs since it provides users with the chance to choose a preferred design of the interface on the basis of their personal characteristics. Hence, the user identity is then verified based on that interface. The performance, security, and usability of UIPA have been evaluated. The results of the experiments show that UIPA has a false positive rate of 0.416% and a false negative rate of 0%. Moreover, a user acceptance questionnaire, which has been designed based on the technology acceptance model, shows that users are pleased and willing to accept the proposed technique. To conclude, UIPA can be applied as an efficient account recovery method compared with the currently used methods. It could also help in addressing the security–usability trade-off problem.