1. GRAPHICAL PASSWORD
1. WHAT IS PASSWORD?
2. WHAT IS GRAPHICAL PASSWORD?
3. THE SURVEY.
4. COMPARISION BETWEEN ALPHA-NUMERIC &
5. A SIMPLE GRAPHICAL PASSWORD SCHEME.
6. GRAPHICAL PASSWORD-WHAT A CONCEPT.
7. ADVANTAGES OF GRAPHICAL PASSWORDS.
 The most commonly used form of user authentication.
 The weakest links of computer security systems.
 Two conflicting requirements of alphanumeric
(1) Easy to remember and
(2) Hard to guess.
Many people tend to ignore the second requirement which
lead to weak passwords. Many solutions have been proposed.
Graphical password is one of the solutions.
4. GRAPHICAL PASSWORDS
 A GRAPHICAL PASSWORD
is an authentication system that works by having the user select from
images, in a specific order, presented in a graphical user interface
(GUI). For this reason, the graphical-password approach is sometimes
called graphical user authentication (GUA).
 It can be used in:
– web log-in application
– ATM machines
– mobile devices
5. The survey : Two categories
 Recognition Based Techniques
– a user is presented with a set of images and the user passes the
authentication by recognizing and identifying the images he
selected during the registration stage
 Recall Based Techniques
– A user is asked to reproduce something that he created or
selected earlier during the registration stage
6. Password is the set of areas on big
 Here user has to select a
background picture from the
given library and have to
provide points of control over
 The sequence of points will
be used as authentication.
 During authentication user
has to give right click on all
the points in the right
7. Recognition Based Techniques
 Sobrado and Birget Scheme
System display a number of pass-objects
(pre-selected by user) among many other
objects, user click inside the convex hull
bounded by pass-objects.
– authors suggested using 1000 objects,
which makes the display very crowed and
the objects almost indistinguishable.
password space: N!/K! (N-K)!
( N-total number of picture objects
K-number of pre-registered objects)
8. Recall Based Techniques
 DAS-Draw A Secret: Input plane
break down on fields, so each field has
its own position in matrix with
 By creating password user pass
through different fields.
 During authentication user has to repeat
his drawing on creating step as close as
possible and pass through same field.
9. COMPARISION BETWEEN ALPHA-NUMERIC &
Commonly used guidelines for alpha-numeric passwords are:
 The password should be at least 8 characters long.
 The password should not be easy to relate to the user (e.g., last name,
 Ideally, the user should combine upper and lower case letters and
 The password consists of some actions that the user performs on an
 Such passwords are easier to remember & hard to guess.
10. Graphical Passwords - What A Concept!
 Here you pick several icons to
represent the password.
 Then when you want to
authenticate it, a screen is
drawn as a challenge to which
you must respond.
 The screen has numerous icons,
at some of which are your
private password icons.
 You must locate your
icons visually on the
screen and click on the screen
to the password.
11. A SIMPLE GRAPHICAL PASSWORD
The user chose these regions when
he or she created the password.
The choice for the four regions is
arbitrary, but the user will pick
places that he or she finds easy to
remember. The user can introduce
his/her own pictures for creating
graphical passwords. Also, for
stronger security, more than four
click points could be chosen.
12. ADVATAGES OF GRAPHICAL PASSWORDS
 Graphical password schemes provide a way of making more human-
friendly passwords .
 Here the security of the system is very high.
 Here we use a series of selectable images on successive screen pages.
 Dictionary attacks are infeasible.
 Password registration and log-in process take too long.
 Require much more storage space than text based passwords.
 Shoulder Surfing
It means watching over people's shoulders as they process
information. Examples include observing the keyboard as a person
types his or her password, enters a PIN number, or views personal
Because of their graphic nature, nearly all graphical password
schemes are quite vulnerable to shoulder surfing.
14. SOLUTION TO SHOULDER SURFING
(1) TRIANGLE SCHEME
15. (2) MOVABLE FRAME SCHEME
 Graphical passwords are an alternative to textual alphanumeric
 It satisfies both conflicting requirements i.e. it is easy to remember &
it is hard to guess.
 By the solution of the shoulder surfing problem, it becomes more
secure & easier password scheme.
 By implementing other special geometric configurations like triangle
& movable frame, one can achieve more security.