© 2017 Yean Li Ho, Bachir Bendrissou, Afizan Azman and Siong Hoe Lau. This open access article is distributed under a Creative Commons Attribution (CC-BY) 3.0 license. American Journal of Applied Sciences Original Research Paper BlindLogin: A Graphical Authentication System with Support for Blind and Visually Impaired Users on Smartphones Yean Li Ho, Bachir Bendrissou, Afizan Azman and Siong Hoe Lau Faculty of Information Science and Technology (FIST), Multimedia University (MMU), Melaka, Malaysia Article history Received: 07-12-2016 Revised: 03-05-2017 Accepted: 11-05-2017 Corresponding Author: Yean Li Ho Faculty of Information Science and Technology (FIST), Multimedia University (MMU), Melaka, Malaysia Email: ylho@mmu.edu.my Abstract: Most graphical password systems on smart phones do not consider the needs of blind and visually impaired users. The main objective of this paper is to propose a new graphical authentication system which combines the usability of the graphical password with the security of the textual password and allows all types of users, including the blind and visually impaired users to use the same authentication system on a smartphone without any extra costs for special hardware. 84.6% of those surveyed would recommend BlindLogin to their friends. 46.2% of the respondents also found the BlindLogin password to be easier to remember than the regular textual password. BlindLogin is a viable alternative as a universal graphical password authentication system. Keywords: Authentication, Blind, Graphical Passwords, Human Computer Interaction Security, Usability-Deployability-Security Model, Visually Impaired Introduction Authentication systems are basically categorized into three types: Knowledge-based (something you know), token-based (something you own) and biometric-based (something you are). Of the three, knowledge-based authentication systems are the most frequently used and the most common knowledge- based authentication system is the textual password. However, in 1996, a new branch of knowledge-based passwords known as graphical passwords were introduced by Blonder (1996). Thorpe and van Oorschot (2004) states that people have better recall for objects, followed by pictures and finally words. Narender et al. (2010) noted that textual passwords which are long and randomly formed are hard to remember. Therefore, users go around this situation by choosing simple easy to remember and insecure words like names and dictionary words or write down their passwords on sticky notes and place them in an easily accessible location like on the computer monitor. Graphical passwords are more suitable for keyboard less systems like smartphones and can be used to overcome weaknesses of textual passwords like brute-force attacks and key-logging attacks (Kimwele et al., 2009). To date, there are more than 90 different types of graphical passwords and they can be broadly categorized as Recognition-based graphical passwords, Recall-based graphical passwords, Recognition-Recall based hybrid passwords and Textual-Graphical hybrid passwords (Ho et al., 2015). Recognition-based graphical passwords are also known as Searchmetric or Cognometric passwords. Recall-based graphical passwords can be subcategorized as Cued Recall (Iconmetric) Passwords and Pure Recall (Drawmetric) passwords, Cued Recall (Iconmentric) passwords can be subcategorized as Locimetric and Psychometric passwords. The detailed taxonomy and references for all these graphical password systems can be found in Ho et al. (2015). So far, all these systems do not consider the needs of blind and visually impaired users. For a system to be truly usable, the system must be able to be used universally by all kinds of users regardless of their background and accessibility capabilities. Our proposal is to introduce a graphical password system which is almost as secure as the regular textual password system but is more usable than the existing graphical password systems in a sense that it will be usable to blind and visually impaired users as well as regular sighted users. According to Boyd et al. (1990), blind activists have raised the issue that screen readers are not equipped to meet the rapids changes of modern GUI interfaces for the sighted community as most software applications have been designed for the sighted community without considering the needs of the blind and visually-impaired communities (Edwards et al., 1994; Griffeth, 1996). The virtual keyboards on smartphones are not practical for blind and visually-impaired users as they require