Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Graphical Password Authentication

5,948 views

Published on

An authentication system that works by having the user select from images, in a specific order, presented in a graphical user interface (GUI).
The graphical-password approach is sometimes called graphical user authentication (GUI).

Published in: Technology

Graphical Password Authentication

  1. 1. Submitted By: Achal S. Khawale. Guided By: Prof.S.N.Khandare. Department Of (M.C.A.3rd) H.V.P.M. Amravati. 2013-2014
  2. 2. Contents: Introduction Graphical Password Advantages of Graphical Password Drawbacks Solution to Shoulder Surfing Problem Usability Conclusion
  3. 3. Introduction:  Most common computer authentication method (Text-Based Passwords). • Difficulty of remembering passwords.  Easy to remember => Easy to guess  Hard to guess => Hard to remember  Users tend to write passwords down or use the same passwords for different accounts.  An alternative: Graphical Passwords. • Psychological studies: Human can remember pictures better than text.
  4. 4. Graphical Password: • An authentication system that works by having the user select from images, in a specific order, presented in a graphical user interface (GUI). • The graphical-password approach is sometimes called graphical user authentication (GUI).
  5. 5. Classification Techniques:  Recognition Based Techniques: • A user is presented with a set of images and the user passes the authentication by recognizing and identifying the images he selected during the registration stage.  Recall Based Techniques: • A user is asked to reproduce something that he created or selected earlier during the registration stage.
  6. 6. Classification Techniques:  Recognition Based Techniques: • A user is presented with a set of images and the user passes the authentication by recognizing and identifying the images he selected during the registration stage.  Recall Based Techniques: • A user is asked to reproduce something that he created or selected earlier during the registration stage.
  7. 7. Recognition Based Techniques:  Dhamija & Perring Scheme: • Pick several pictures out of many choices, identify later in authentication. • Take longer to create graphical passwords.  Sobrado & Birget Scheme: • Systems display a number of pass-objects (pre-selected by user) among many other objects, user click inside the convex hull ounded by pass-objects.
  8. 8. Recognition Based Techniques:  Other Schemes: Using human faces as password Select a sequence of images as password
  9. 9. Recall Based techniques:  Draw-A-Secret (DAS) Scheme: • User draws a simple picture on 2D grid, the co ordinates of the grids occupied by the picture are stored in the order of drawing. • Redrawing has to touch the same grids in the same sequences in authentication.
  10. 10. Advantages of Graphical Passwords:  Provide a way of making more human-friendly passwords while increasing the level of security.  On average–millions of years to break into the system.  Dictionary attacks are infeasible.
  11. 11. Drawbacks:  The shoulder surfing problem:  As the name implies, shoulder is watching over people’s shoulders as they process information. Example includes observing the keyboard as a person types his or her password, enters a PIN number, or views personal information.  Because of their graphic nature, nearly all graphical password schemes are quite vulnerable to shoulder surfing. Most of the existing schemes simple circumvent the problem by stating the graphical passwords should only be used with handheld devices or workstation set up in such a way that only one person can see the screen at the time of login. However, it is possible to create schemes to counter shoulder surfing problem.
  12. 12. Solution of Shoulder surfing problem: Triangle Scheme: Movable Frame Scheme:
  13. 13. Usability:  Pictures are easier to remember than text strings.  Password registration and login process take too long.  Require much more storage space than text based passwords.
  14. 14. Conclusion:  Main argument for Graphical Password: • Satisfies both conflicting requirements i.e. it is easy to remember & it is hard to guess.  More difficult to break graphical passwords from traditional attack methods: • Brute Force Search • Dictionary Attack • Spyware  Not yet widely used, current graphical password techniques are still immature.  By implementing other special geometric configurations like triangle & movable frame, one can achieve more security.
  15. 15. Reference  www.searchsecurity.teachtarget.com  www.acsac.org  www.ieexplorer.ieee.org
  16. 16. Thank You.!!!

×