Why no to text passwords???
Easy to remember ---- Easy to guess.
Users tend to use same password for different accounts.
An Alternative : GRAPHICAL PASSWORDS
->Humans can remember pictures better than text.
->Hard to decode.
->Overcoming SQL Injection.
4. INTRODUCTION
Why no to text passwords?
Easy to remember ---- Easy to guess.
Users tend to use same password for different accounts.
An Alternative : GRAPHICAL PASSWORDS
Humans can remember pictures better than text.
Hard to decode.
Overcoming SQL Injection.
6. GRAPHICAL PASSWORDS
Recognition Based Techniques.
• The user is presented with a set of images, the user
authenticates by recognizing and identifying the images he
selected at the time of registration.
Recall Based Techniques.
• The user is asked to reproduce something that he created
or selected earlier during the registration stage.
7. RECOGNITION BASED
TECHNIQUES
Dhamija and Perrig
Select several pictures out of many choices, identify them in
the selected order to authenticate.
The server needs to store the seeds of the portfolio images of
each user in plain text.
Selecting a set of pictures can be tedious and time
consuming for the user.
10. RECALL BASED TECHNIQUES
Pass point (PP)
Password consists of an ordered sequence of five
click-points on a pixel-based image.
To login, a user must click within some system
defined tolerance region for each click-point.
12. RECALL BASED TECHNIQUES
Cued Click Points (CCP)
Users select one point per image for five images.
The interface displays only one image at a time.
If a user enters an incorrect click-point during
login, the next image displayed will also be
incorrect.
14. RECALL BASED TECHNIQUES
Persuasive Cued Click- Points (PCCP)
During password creation, most of the image is
dimmed except for a small view port area that is
randomly positioned on the image.
The view port can be shuffled to a specific location.
16. DISCUSSION
Dictionary attacks
Graphical passwords are less vulnerable to dictionary
attacks than text-based passwords.
Social Engineering
It is very difficult to give away graphical passwords
over the phone or email.
Spyware
“Mouse tracking” spy ware maybe an effective tool
against graphical passwords.
17. PROPOSED SYSTEMS
Automated Turing Tests(ATTs) are effective to identify
automated malicious login attempts with reasonable cost of
inconvenience to users.
PGRP limits the total number of login attempts from
unknown host, legitimate users in most cases.
Proposed system also provide protection against key logger
spyware.
18. APPLICATIONS
Workstations.
Web login applications.
More security in ATM’s.
Its implementation has already started in mobile devices.
19. ACCURACY
Graphical passwords are more secure than textual
passwords.
They are more efficient.
They have high accuracy rate.
Most reliable.
20. CONCLUSION
Human brain is better at memorizing graphical
passwords than text based passwords.
It is more difficult to break graphical passwords
using the traditional attack methods.
This offers more convenient login experience.
It appears suitable for organisations of both small
and large number of user accounts.