A system for secure user authentication of a mobile electronic device includes a touch-based user interface of the mobile electronic device, a processor, and a computer-readable storage medium. The system presents a graphical user interface comprising a target location represented by a graphical indication, and receives an authentication code comprising a sequence of taps. The system determines input positional data associated with the authentication code that indicates a location on the touch-based user interface where the sequence of taps is received. The system determines whether to permit a user of the mobile electronic device to access a function of the mobile electronic device based at least in part on whether the input positional data is consistent with previous input received from the user of the mobile electronic device.