Recently I have seen a few websites that ask the user to choose an image, from a selection, that will show up when the user logs in to their account. The purpose being that this will add an extra level of security by allowing the user to confirm that they have, or are logging into the right site, and not that of a clone.
In theory, its a good idea, but in practice, not so much.
The user may not have any affinity with the images that they are being asked to choose from. Using the example above, the user might not be interested in basketball, quad biking or water sports. They will then make a random selection, that they may not remember, or recognise when they try to log into the site again.
Allow the user to upload their own image. This will guarantee that the user will recognise the image being presented on login. Creating the trust that this verification method is aiming to create.
Tags: security, UX