= Graphical password =

A graphical password or graphical user authentication is a form of authentication using images rather than letters, digits, or special characters. The type of images used and the ways, in which users interact with them vary between implementations.

==Content types and mechanisms==

===Image sequence===
Graphical passwords frequently require the user to select images in a particular order or respond to images presented in a particular order.

===Image-generated text===

Another graphical password solution creates a one-time password using a randomly generated grid of images. Each time the user is required to authenticate, they look for the images that fit their pre-chosen categories and enter the randomly generated alphanumeric character that appears in the image to form the one-time password.

===Facial recognition===
One system requires users to select a series of faces as a password, utilizing the human brain's ability to recall faces easily.

=== Draw-a-Secret (DAS) ===
Draw-a-Secret is a type of graphical password that requires the user to draw a picture over a grid. The user must exactly remember the user-drawn gestures in order to be authenticated. A larger stroke count corresponds with an increase in security, since it is harder for an attacker to copy the strokes and the order in which they are performed.

==Weaknesses==
When not used in a private setting, graphical passwords are typically more susceptible than text-based passwords to "shoulder-surfing attacks", in which an attacker learns the password by watching the screen, as a user gains access.
