3D passwords combine multiple authentication factors by using a 3D virtual environment. Users authenticate by interacting with virtual objects in a specific sequence based on their location. This addresses limitations of traditional passwords that can be cracked or stolen. The 3D password is constructed through a user's interactions in the virtual world, combining what they know, have, and do for strong multi-factor authentication. While providing increased security, 3D passwords also have drawbacks such as increased storage needs and vulnerability to timing attacks if the virtual environment is not carefully designed.

1. 3D PASSWORD
By,
R.Preethi
M.Sc.,CS
Dept of IT
VHNSN College
Virudhunagar

2. Authentication
Authentication is the process of validating who are
you to whom you claimed to be or a process of
identifying an individual. It is generally based on the
following as,
1.What you Know 2.What you have 3.What you are

3. Need For 3D Password
• Textual Passwords
User name and Password easy to crack, subject to Brute Force
attack.
• Graphical Passwords
Recall and Recognize pictures, subject to shoulder surfing attack.
• Biometrics
Need special scanning devices to verify the users.
• Smart Cards
Can be lost or stolen, user want to carry everywhere.

4. 3D Password
• 3D Password multi-factor Authentication scheme.
• 3D Password combines all the authentication
schemes
– What you know
– What you have
– What you recognise
– What you are

5. 3D Password
• Presents a 3D virtual environment with various
virtual objects.
• It combines all existing scheme into one 3D
virtual environment.
• The 3D Password is constructed by the users
interaction with the virtual objects on the virtual
environment.

6. How it Works?
• Let us consider a 3D virtual environment space of size G ×G × G.
The 3D environment space is represented by the coordinates (x, y,
z) ∈ [1, . . . , G] ×[1, . . . , G] ×[1, . . . , G].
• The objects are distributed in the 3D virtual environment with
unique (x, y, z) coordinates.
• The user can walk in the virtual environment and type something
on a computer that exist in (x1, y1, z1) position, then walk into a
room that has a white board that exist in a position (x2, y2, z2) and
draw something on the white board. The combination and the
sequence of the previous two actions towards the specific objects
construct the user’s 3D password.

8. Security Analysis
• Brute Force Attack
Time Consuming
Cost of Attack is more
• Well Studied Attack
Hard to accomplish, attacker has to perform customized attacks
for different environment.
• Shoulder Surfing Attack
Attacker tries to record the user’s interaction with 3D virtual
environment using camera.
• Timing Attack
Attacker observes the total time taken by the legitimate user to log
in, it is possible if the virtual environment is poorly designed.

9. Application
• Critical Servers
• Online Banking
• Nuclear and Military Facilities
• Airplanes and Jetfighters
• Web Authentications,ATM,Desktop or Laptop logins

10. Advantage
• Provides strong security.
• As this system is based on human quality recognize and
recall, password cracking algorithms fail to crack these
passwords.
• The cost of forging information from 3D virtual environment
is very high, therefore cracking the 3D password is more
challenging.
• As the authentication system is complex the hacker will have
to study the new authentication schemes

11. Disadvantage
• Space required to store the password is more.
• Complexity is more in developing.
• Timing attacks can be very effective if the 3D virtual
environment is poorly designed.
• Shoulder surfing is more vulnerable. So entering these
passwords must be done in secured place.

12. Conclusion
• 3D Password Provides
– Flexibility: 3D Passwords allows Multifactor
authentication
– Strength: Provides almost unlimited passwords possibility.
– Easy to Remember: can be remembered in the form of
short story.
– Privacy: Organizers can select authentication schemes that
respect users privacy.