The only difference is that it uses a visual cue as a form of two-step authentication. You have to be able to see the image, and also interact with it, in order to clear the password. How this is used in cryptography, with Kerberos, to make it more difficult to break, I'm not sure. To give you an example, though, with a regular password, you would not need to see visual cue/artifact/image and interact with it. This should make brute force methods more complex, as well as the ability for a malware program to clone the screen.