A graphical password is an authentication system that works by having the user select from images, in a specific order ,presented in a graphical user interface (GUI). For this reason, the graphical-password approach is sometimes called graphical user authentication.
2. CONTENTS
• What Is Graphical Password
• The Survey
• Recognition Based Technique
• Recall Based Technique
• Security Factors
• Implementation And Discussion
• Advantages
• Drawbacks
• Conclusion
3. WHAT IS GRAPHICAL PASSWORD?
• A graphical password is an authentication system that works by having the user select from
images, in A specific order, presented in A graphical user interface (GUI). For this reason, the
graphical-password approach is called graphical user authentication (GUA).
It can be used in:
• Web login application
• ATM machines
• Mobile devices
4. THE SURVEY: TWO CATEGORIES
• RECOGNITION BASED TECHNIQUE
USING RECOGNITION-BASED TECHNIQUES, A USER IS
PRESENTED WITH A SET OF IMAGES AND THE USER PASSES THE
AUTHENTICATION BY RECOGNIZING AND IDENTIFYING THE
IMAGES HE OR SHE SELECTED DURING THE REGISTRATION
STAGE.
• RECALL BASED TECHNIQUE
IN THESE TECHNIQUES, USER HAS TO RECALL
SOMETHING THAT HAS BEEN CREATED OR SELECTED
DURING REGISTRATION.
10. PASS DOODLE TECHNIQUE
• Here some handwritten text/design is drawn by the user
on touch sensitive screen with stylus. During login user
has to redraw the same text.
11. SIGNATURE TECHNIQUE
• Here, during registration user has to register his own signature. For
authentication user has to draw the same signature with mouse.
12. CUED CLICK POINTS
• Cued click points (CCP) is a proposed alternative to pass points. In
CCP, users click one point on each of c =8 images rather than on five
points on one image.
13. BLONDER TECHNIQUE
• In this, for password registration a predetermined image with
predetermined tap regions are displayed to the user. The user has to
click inside those tap regions in a sequential manner. For
authentication, user has to click approximate areas of those tap
regions in a predefined sequence. Here image is a clue to recall a
password.
15. SECURITY FACTORS
• Brute force
• Dictionary attacks
• Guessing
• Shoulder surfing
• Social engineering
16. IMPLEMENTATION AND DISCUSSION
• Graphical password can be implemented in authenticating several
systems and websites. The implementation has few focuses:
• Password: contain image as reference & encryption algorithm.
• Login: contains username, images, graphical password and related
methods.
• Ssr shield: contains shield for shoulder surfing.
• Grids: contains unique grid values and grid clicking related methods
17. ADVANTAGES
• Graphical password schemes provides a way of
making more human-friendly passwords.
• Here the security of the systems is very high.
• Here we use series of selectable images on
successive screen pages.
• Dictionary attacks are infeasible
18. DRAWBACKS
• Password registration and login process take too
long.
• Require much more storage space than text based
passwords.
• Because of their graphic nature, nearly all
graphical password scheme are quite vulnerable
to shoulder surfing
19. CONCLUSION
• Although the main use for graphical passwords is that
people are better at memorizing graphical passwords than
text-based passwords, the existing user studies are very
limited and there is not yet convincing evidence to
support this argument. Our preliminary analysis suggests
that it is more difficult to break graphical passwords
using the traditional attack methods such as brute force
search, dictionary attack, or spyware.