A New Graphical Password: Combination of Recall & Recognition Based Approach
Authors: Md. Asraful Haque, Babbar Imam
Abstract:
Information Security is the most describing problem in present times. To cop up with the security of the information, the passwords were introduced. The alphanumeric passwords are the most popular authentication method and still used up to now. However, text based passwords suffer from various drawbacks such as they are easy to crack through dictionary attacks, brute force attacks, keylogger, social engineering etc. Graphical Password is a good replacement for text password. Psychological studies say that human can remember pictures better than text. So this is the fact that graphical passwords are easy to remember. But at the same time due to this reason most of the graphical passwords are prone to shoulder surfing. In this paper, we have suggested a shoulder-surfing resistant graphical password authentication method. The system is a combination of recognition and pure recall based techniques. Proposed scheme can be useful for smart hand held devices (like smart phones i.e. PDAs, iPod, iPhone, etc) which are more handy and convenient to use than traditional desktop computer systems.
Keywords: Authentication, Graphical Password, Text Password, Information Security, Shoulder-surfing.
Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1091324
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4142References:
[1] William Stallings and Lawrie Brown, "Computer Security: Principle and Practices.” Pearson Education, 2008.
[2] X. Suo, Y. Zhu, and G. S. Owen, "Graphical passwords: A survey," 21st Annual Computer Security Applications Conference (ASCSAC 2005). Tucson, 2005.
[3] Md. Asraful Haque, Babbar Imam, Nesar Ahmad, "2-Round Hybrid Password Scheme”, International Journal of Computer Engineering and Technology (IJCET), Vol. 3, Issue 2, July-September (2012), page. 579-587.
[4] D.Weinshall and S. Kirkpatrick, "Passwords You’ll Never Forget, but Can’t Recall," in Proceedings of Conference on Human Factors in Computing Systems (CHI). Vienna, Austria: ACM, 2004, pp. 1399-1402.
[5] G. E. Blonder, "Graphical passwords," in Lucent Technologies, Inc., Murray Hill, NJ, U. S. Patent-5559961, Ed. United States, 1996.
[6] Susan Wiedenbeck, Jim Waters, Jean-Camille Birget, Alex Brodskiy, and Nasir Memon, "Passpoints: design and longitudinal evaluation of a graphical password system”, International Journal of Human-Computer Studies, 63:102–127, July 2005.
[7] Sonia Chiasson, P.C. Van Oorschot, and Robert Biddle, "Graphical Password Authentication Using Cued Click Points”, 12th European Symposium on Research in Computer Security (ESORICS), 2007, pp. 359-374
[8] Ian Jermyn, Alain Mayer, Fabian Monrose, Michael K. Reiter, and Aviel D. Rubin, "The design and analysis of graphical passwords”, Proceedings of the 8th USENIX Security Symposium Washington, D.C., USA, August 23–26, 1999
[9] A. F. Syukri, E. Okamoto, and M. Mambo, "A User Identification System Using Signature Written with Mouse," in Third Australasian Conference on Information Security and Privacy (ACISP): Springer-Verlag Lecture Notes in Computer Science (1438), 1998, pp. 403-441.
[10] R. Dhamija, and A. Perrig. "Déjà Vu: A User Study Using Images for Authentication”. In 9th USENIX Security Symposium, 2000.
[11] Real User Corporation, "How the Passface System Works”, 2005.
[12] L. Sobrado and J.-C. Birget, "Graphical Passwords," The Rutgers Scholar, An Electronic Bulletin for Undergraduate Research, vol. 4, 2002.
[13] Huanyu Zhao and Xiaolin Li, "S3PAS: A Scalable Shoulder-Surfing Resistant Textual-Graphical Password Authentication Scheme”, 21st International Conference on Advanced Information Networking and Applications Workshops, AINAW '07. Page(s): 467 – 472.
[14] Haichang Gao, Xiyang Liu, Ruyi Dai, "Design and Analysis of a Graphical Password Scheme”, International Conference on Innovative Computing, Information and Control (ICICIC), 2009, pp. 675 – 678.
[15] S.Man, D. Hong, and M. Mathews, "A Shouldersurfing Resistant Graphical Password Scheme”, In Proceedings of International Conference on Security and Management, Las Vegas, NV, 2003.