2. Introduction
Overview of the Authentication Methods
Techniques of GPA
◦ Recognition Based Techniques
◦ Recall Based Techniques
Discussion
◦ Security
◦ Usability
Conclusion
3. INTRODUCTION
What is PASSWORD
The term password commonly refers to a secret used for
authentication.Password are the most commonly used
method for identifying users in computer and
communication systems.
PASSWORDS are used for:
Logging into accounts.
Retrieving emails.
Accessing application.
Networks.
Websites.
Databases.
Workstations.
7. RECOGNITIONBASEDTECHNIQUES
A user is presented with a set of images and the user passes the authentication by recognizing and
identifyingtheimages heselectedduringtheregistrationstage
RECALLBASEDTECHNIQUES
A user is asked to reproduce/recreate something that he created or selected earlier during
the registrationstage
8. Recognition Based Techniques
Dhamija and Perrig Scheme
Pick several pictures out of many choices, identify them later
in authentication.
◦ using Hash Visualization, which,
given a seed, automatically
generate a set of pictures
◦ take longer to create graphical
passwords
password space: N!/K! (N-K)!
( N-total number of pictures; K-number of pictures selected as passwords)
9. Recognition Based Techniques
Triangle Scheme
The concept is simple:you pick several icons to represent
your password.The screen
has numerous icons ,at some of which are your
private password icons.You must locate your
icons visually on the screen and click somewhere
directly inside the perimeter they create--but not
on the icon themselves.
password space: N!/K! (N-K)!
( N-total number of picture objects; K-number of pre-registered
objects)
10. Pass face scheme
In this technique human
faces are used as password.
Recognition Based Techniques
11. Recall Based Techniques
Draw-A-Secret (DAS) Scheme
User draws a simple picture on a 2D grid, the coordinates
of the
grids occupied by the picture are stored in the order of
drawing.
redrawing has to touch the
same grids in the same
sequence in authentication
user studies showed the
drawing sequences is hard to
Remember
12. Recall Based Techniques
“Pass Point/ Click Point ” Scheme
User click on any place on an image to create a password. A tolerance
around each chosen pixel is calculated. In order to be authenticated,
user must click within the tolerances in correct sequence.
can be hard to remember the
sequences
Password Space: N^K
( N -the number of pixels or smallest
units of a picture, K - the number of
Point to be clicked on )
13. Click point’s as password
1st click 2nd click 3rd click 4th click 5th click …
Click
point
15. Is a graphical password as secure as text-
based passwords?
◦ text-based passwords have a password space of
94^N
(94 – number of printable characters, N- length of passwords).
Some graphical password techniques can compete: Draw-A-Secret
Scheme, Pass Point Scheme.
Text passwords are Vulnerable/prone to
attacks like Dictionary attack, Brute
force attack, spyware .
16. Brute force attack / Dictionary attacks
Brute force attack aims at being the
simplest kind of method to gain access to a site: it tries
usernames and passwords, over and over again, until it
gets in.
In a brute force attack, automated software is used to
generate a large number of consecutive guesses as to
the value of the desired data.
It can be very successful when people use passwords
like '123456' and usernames like 'admin.'
17. Brute force attack / Dictionary attacks
Dictionary attack is a technique or method used to
breach the computer security of a password-protected
machine or server by systematically entering every word
in a dictionary as a password.
Dictionary attacks work because many computer users
and businesses insist on using ordinary dictionary words
as passwords
19. Password registration and log-in process take too long.
Require much more storage space than textual/character passwords.
SHOULDER SURFING
It means watching over people's shoulders as they process information.
Examples include observing the keyboard as a person types his or her password,
enters a PIN number, or views personal information.
Because of their graphic nature, nearly all graphical password schemes are quite
vulnerable/unsafe to shoulder surfing.
Drawback's of picture password
22. Picture passwords are an alternative to textual alphanumeric password.
It satisfies both conflicting requirements i.e. it is easy to remember & it is
hard to guess.
By the solution of the shoulder surfing problem, it becomes more secure &
easier password scheme.
By implementing encryption algorithms and hash algorithms for storing and
retrieving pictures and points, one can achieve more security
Picture password is still immature, more research is required in this field.
CONCLUSION