A cognitive password is a form of knowledge-based authentication that requires a user to answer a question, presumably something they intrinsically know, to verify their identity.
[5] Early research into this trade-off between security and usability aimed to develop a password system that utilized easily remembered personal facts and encouraged user participation.
[6] This concept of associative passwords was extended to a pre-specified set of questions and answers that users would be expected to know and could easily recall.
[10] A historical overview of the use of various cues found that the specific design and layout of the page impinge the memorability and strength.
[11] Later work illustrated that inclusion of a visual cue enabled strongly significant improvements in the trade-off between memorability and security.
Fact based systems have questions with answers that are considered independent of an individual's feelings such as "What is the name of the high school you attended?".
The second criterion recommended selecting questions with a sufficiently large set of potential answers (i.e. not asking "How many children do you have?"
[16] Older people dealing with the normal cognitive decline of aging may respond well to visual cues.