Abstract: Graphical passwords are expected to be easier to recall, less likely to be written down and have the potential to provide a richer symbol space than text based passwords. For example, a user might authenticate by clicking a series of points on an image, selecting a series of tiles, or by drawing a series of lines on the screen [Davis et al. 2004]. An example of the tiled approach is the Real User Corporation's PassFaces system [Real User, 2005] illustrated in Figure 1. For both text and graphical password entry systems the user needs to carefully enter the password in case a malicious user is observing the session via "shoulder surfing." Although some authors assume that graphical passwords will be entered on a small screen with a reduced observation angle [Jansen 2004], and thus dismiss the likelihood of shoulder surfing, this assumption is not always true.