Ppt for graphical password authentication using cued click points
PRESENTED BY:HARIKRISHNAN NAIR
The two most commonly used techniques in picture password
RECOGNITION BASED TECHNIQUES A user is presented with a set of images and the user passes the authentication by recognizing and identifying the images he selected during the registration stageRECALL BASED TECHNIQUES A user is asked to reproduce something that he created or selected earlier during the registration stage THIS PROJECT IS BASED ON RECALL BASED
MODULES USER REGISTRATION PROCESS FINAL REGISTRATION PROCESS PICTURE SELECTION PROCESS SYSTEM LOGIN PROCESS
//EXAMPLE:Enter the username in the rockyusername field USERNAME Click on NEW USER REGISTER button NEW USER REGISTER DATABASE Verifies the username and New user registration process. store into the database
How to Select picture’s?There are two ways for selecting an picture for password authen
User Defined Picture’sPicture’s are selected by the user from the hard disk or any other imagesupported devices. PICTURE
System Defined Picture’sPicture’s are selected by the user from the database of thepassword system PICTURE DATABASE
THE PICTURE SELECTED FROM ONE OF THE SYSTEM USER DEFINED PICTURE ORDATABASE Picture + Gridlines SYSTEM DEFINED PICTURE
MESSAGE BOX: DO YOU WISH TO CONTINUE WITH THIS POINT YES NO Select another po User click on the DATABASE point Point and the image will be stored into database . Now the user can select another image and follows theUser with username Steps above.
Click point’s as password1st click 2nd click 3rd click 4th click 5th click … Click point
FINAL REGISTRATION PROCESS USER REGISTRATION PROCESS + PICTURE SELECTION PROCESS STEP1: User enters the username and click on NRB. STEP2: Click on PICTURE button for selecting an picture for password. STEP3: Select a point on the picture and click to next picture. STEP4: The point on the last picture will be calculated as the last point for opening the desired system.Note: all the points and the pictures along with the username will be stored into database
Username USERNAME verification Verifies the username Checks the usernamReenter the Incorrect in the databaseusername username User enters the username Generates an message “ username doesnt match “ DATABASE If username “Please Reenter the username” not matched NOTE Correct The user can enter the username only 5 times username if the username is wrong. If the incorrect username exists 5 times the PASSWORD SYSTEM SHUTS DOWN.
First picture stored in database during Last picture registration Correct click point Gives the next image Correct username DATABASE System gives 3 chances to Verification of click point The user for incorrect passwordDatabase contains savedpictures and points. If the user exists 3 chances then the password system displays another picture which will be unrelated to the picture selected by the user during password creation
Opens the system protected with passwordLast picture in the database The change password can be done after logging into the main system. The change password follow’s the same create password steps.
Advantages of picture password authentication Graphical password schemes provide a way of making more human-friendly passwords . Here the security of the system is very high. Here we use a series of selectable images on successive screen pages. Dictionary attacks are infeasible.
Drawbacks of picture password Password registration and log-in process take too long. Require much more storage space than text based passwords. SHOULDER SURFING It means watching over peoples shoulders as they process information. Examples include observing the keyboard as a person types his or her password, enters a PIN number, or views personal information. Because of their graphic nature, nearly all graphical password schemes are quite vulnerable to shoulder surfing.
Grid Square Size The security of this system depends on the size ofthe picture As the size of the picture increases Simultaneously the grid square Increases. Thus, making the system highly Secured. We can also use encryption alg. For
Do’s and Don’ts for secured passwordDo’s1. use easy to remember pictures but hard crack.2. Avoid hotspots on the picture while selecting click point.3. Always remember the click point and picture which will become helpful for knowledge based authentication.4. Choose minimum 3 pictures or maximum 5 pictures for this password system.5. As no Of pictures increases the password becomes that tight.Don’ts6. Do not use too much bright and black pictures for password
T H E A P P L I C AT I O N O F P I C T U R E PA S S W O R D SYSTEM 1. HARD DISK LOCKING. 2. SYSTEM LOG IN AND LOG OUT PROCESS. 3. FOLDER LOCKING . 4. WEB LOG-IN APLLICATION
TECHNIQUE PROPOSED AND IMPLEMENTED BYBlonder , Passlogix , WiedenbeckAUTHENTICATION PROCESSClick on several pre- registered locations of a picture in the right sequence.MEMORABILITYCan be hard to rememberPASSWORD SPACEN^K (N is the number of pixels or smallest units of a picture, K is the number oflocations to be clicked on)POSSIBLE ATTACK METHODSGuess, shoulder surfing
CONCLUSION Picture passwords are an alternative to textual alphanumeric password. It satisfies both conflicting requirements i.e. it is easy to remember & it is hard to guess. By the solution of the shoulder surfing problem, it becomes more secure & easier password scheme. By implementing encryption algorithms and hash algorithms for storing and retrieving pictures and points, one can achieve more security Picture password is still immature, more research is required in this field.