Password prevents unauthorized access to the data and also provides high security and confidentiality. Due to
various drawbacks in text based passwords, graphical password authentication was developed as an alternative.
Graphical passwords also provide more security when compared to text based. In graphical password authentication,
users click on images to set their passwords. Images are generally easier to be remembered than text. In graphical
password authentication users can set images as their password. Caesar Cipher Technique is an encryption
technique used for secure transmission of textual data. In this paper, this technique is applied for graphical
password in order to provide enhanced security to the user.
Authentication Using Graphical Passwordijceronline
This paper introduces image based captcha to protect user data or unauthorized access of information. In that password is created from images and text password. Current system is based on only text password but it has disadvantages small password mostly used and easy to remember. This type of password is easy to guess through different attack i.e. dictionary attack and brute force attack. In this paper we have proposed a new image password scheme. In this Recognition based technique is used with numerical password which provide more security and easy to remember text and graphical password.
Authentication Schemes for Session Passwords using Color and ImagesIJNSA Journal
Textual passwords are the most common method used for authentication. But textual passwords are vulnerable to eves dropping, dictionary attacks, social engineering and shoulder surfing. Graphical passwords are introduced as alternative techniques to textual passwords. Most of the graphical schemes are vulnerable to shoulder surfing. To address this problem, text can be combined with images or colors to generate session passwords for authentication. Session passwords can be used only once and every time a new password is generated. In this paper, two techniques are proposed to generate session passwords using text and colors which are resistant to shoulder surfing. These methods are suitable for Personal Digital Assistants.
An Ancient Indian Board Game as a Tool for AuthenticationIJNSA Journal
User authentication is the first phase of information security. Users should remember their passwords and recall them for authentication. Text based passwords is the traditional method for authentication. Short and simple passwords are memorable and usable but not secure. Random and lengthy passwords are secure but not memorable and usable. Graphical password schemes are introduced as alternatives to text based schemes. Few grid based authentication techniques are also proposed. The purpose of this paper is to introduce a tool to enhance the memorability and security of passwords which also provides usability. The most popular ancient Indian board game “Snakes and Ladders” is used as a tool for authentication.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
A Well Known Tool Based Graphical Authentication Technique cscpconf
Authentication is the first step of information security. Authentication schemes require users to
memorize the passwords and recall them during log-in time. Traditional text-based
authentication schemes have memorability problems for secure passwords. Graphical password
schemes are introduced as alternatives to text based schemes. Many techniques have been
designed using single image or multiple images. Few grid based authentication techniques are
proposed. This paper introduces a new authentication technique based on a well known tool.
The most popular game especially in rural areas, “Snakes and Ladders” is used as a tool in
authentication technique. The usage of this tool increases the memorability and usability of
passwords.
USER AUTHENTICATION USING NATIVE LANGUAGE PASSWORDSIJNSA Journal
Information security is necessary for any organization. Intrusion prevention is the basic level of security which requires user authentication. User can be authenticated to a machine by passwords. Traditional textual passwords are vulnerable to many attacks. Graphical passwords are introduced as alternatives to textual passwords to overcome these problems. This paper introduces native language passwords for authentication. Native language character set consists of characters with single or multiple strokes. User can select one (or more) character(s) for his password. The shape and strokes of the characters are used for authentication.
Authentication Using Graphical Passwordijceronline
This paper introduces image based captcha to protect user data or unauthorized access of information. In that password is created from images and text password. Current system is based on only text password but it has disadvantages small password mostly used and easy to remember. This type of password is easy to guess through different attack i.e. dictionary attack and brute force attack. In this paper we have proposed a new image password scheme. In this Recognition based technique is used with numerical password which provide more security and easy to remember text and graphical password.
Authentication Schemes for Session Passwords using Color and ImagesIJNSA Journal
Textual passwords are the most common method used for authentication. But textual passwords are vulnerable to eves dropping, dictionary attacks, social engineering and shoulder surfing. Graphical passwords are introduced as alternative techniques to textual passwords. Most of the graphical schemes are vulnerable to shoulder surfing. To address this problem, text can be combined with images or colors to generate session passwords for authentication. Session passwords can be used only once and every time a new password is generated. In this paper, two techniques are proposed to generate session passwords using text and colors which are resistant to shoulder surfing. These methods are suitable for Personal Digital Assistants.
An Ancient Indian Board Game as a Tool for AuthenticationIJNSA Journal
User authentication is the first phase of information security. Users should remember their passwords and recall them for authentication. Text based passwords is the traditional method for authentication. Short and simple passwords are memorable and usable but not secure. Random and lengthy passwords are secure but not memorable and usable. Graphical password schemes are introduced as alternatives to text based schemes. Few grid based authentication techniques are also proposed. The purpose of this paper is to introduce a tool to enhance the memorability and security of passwords which also provides usability. The most popular ancient Indian board game “Snakes and Ladders” is used as a tool for authentication.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
A Well Known Tool Based Graphical Authentication Technique cscpconf
Authentication is the first step of information security. Authentication schemes require users to
memorize the passwords and recall them during log-in time. Traditional text-based
authentication schemes have memorability problems for secure passwords. Graphical password
schemes are introduced as alternatives to text based schemes. Many techniques have been
designed using single image or multiple images. Few grid based authentication techniques are
proposed. This paper introduces a new authentication technique based on a well known tool.
The most popular game especially in rural areas, “Snakes and Ladders” is used as a tool in
authentication technique. The usage of this tool increases the memorability and usability of
passwords.
USER AUTHENTICATION USING NATIVE LANGUAGE PASSWORDSIJNSA Journal
Information security is necessary for any organization. Intrusion prevention is the basic level of security which requires user authentication. User can be authenticated to a machine by passwords. Traditional textual passwords are vulnerable to many attacks. Graphical passwords are introduced as alternatives to textual passwords to overcome these problems. This paper introduces native language passwords for authentication. Native language character set consists of characters with single or multiple strokes. User can select one (or more) character(s) for his password. The shape and strokes of the characters are used for authentication.
Authentication plays a major role in Digital environment. In this environment we have different methods which generally use alphanumeric characters and special characters for password creation. These methods have some problems like hard to remember password because it has no meaning and easily breakable by third parties or attackers. To address these issues, many techniques for authentication are proposed from which graphical password method is best in terms of cost and usage. Basically, Graphical passwords use images for password creation and it has some demerits like hotspot and shoulder surfing problem. A persuasive cued click-point based method reduces hotspot problem. To prevent persuasive cued click-point based method from shoulder surfing we include one time password. For more user convenience we provide two login
methods one which requires internet and other which does not
require internet.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Count based hybrid graphical password to prevent brute force attack and shoul...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
GENERATION OF SECURE ONE-TIME PASSWORD BASED ON IMAGE AUTHENTICATIONcscpconf
Phishing, a serious security threat to Internet users is an e-mail fraud in which the perpetrator
sends out an email which looks like legitimate, in an order to gather personal and financial
information of the receiver. It is important to prevent such phishing attacks. One of the ways to
prevent the password theft is to avoid using passwords and to authenticate a user without a text
password. In this paper, we are proposing an authentication service that is image based and
which eliminates the need for text passwords. Using the instant messaging service available in
internet, user will obtain the One Time Password (OTP) after image authentication. This OTP
then can be used by user to access their personal accounts. The image based authentication
method relies on the user’s ability to recognize pre-chosen categories from a grid of pictures.
This paper integrates Image based authentication and HMAC based one time password to
achieve high level of security in authenticating the user over the internet. These algorithms are
very economical to implement provided they are time synchronized with the user.
Graphical Password Authentication using image Segmentation for Web Based Appl...ijtsrd
One of the most important topics in information security today is user authentication. User authentication is a fundamental component in most computer security contexts. It provides the basis for access control and user accountability. While there are various types of user authentication systems, alphanumeric passwords are the most common type of user authentication. They are versatile and easy to implement and use. However, it can either be long and secure or short and hard to remember. A graphical based password is one promising alternatives of textual passwords. According to human psychology, humans are able to remember pictures easily. In this paper, graphical passwords have been designed to try to make password more memorable and easier for people to use, and it is less vulnerable to brute force attacks than a text based password. The aim of the system is to implement a strong security. The proposed system segments the image like a grid, which has a maximum four fragments. Then, each segment of the image is dragged in a particular sequence onto an empty grid of size 6x6 and placed on a particular segment of the empty grid, to form the user' password. When the user logs into the system, the user needs to drag each segment of the image onto the same empty grid of size 6x6 in the correct sequence and position of the segments that user had specified during registration. Maw Maw Naing | Ohnmar Win ""Graphical Password Authentication using image Segmentation for Web Based Applications"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-4 , June 2019, URL: https://www.ijtsrd.com/papers/ijtsrd25184.pdf
Paper URL: https://www.ijtsrd.com/engineering/electronics-and-communication-engineering/25184/graphical-password-authentication-using-image-segmentation-for-web-based-applications/maw-maw-naing
SHUFFLED INPUT GRAPHICAL PASSWORD AUTHENTICATION SCHEMES BUILT ON CAPTCHA TEC...ijiert bestjournal
When we consider the online service or desktop appl ication there is major issue of security breaching. Old password schemes has some drawbacks like hacking of password,shoulder-surfing attack as far as password is con cern,online password guessing attack,relay attack. Hence there must be system that provides good solution for suc h password cracking attacks. There are many solutions for it a nd various password schemes available that achieves this. The main drawback of these schemes is that users have t o deal with complicated and tedious steps as far as registration and login of user is concern as its logic contains some intense AI processes. These complicated AI pro cesses are exhaustive for common user of the system. In this p aper we proposed authentication scheme which consis t of graphical password based captcha challenge image. I t consists of both a captcha and a graphical passwo rd schemes. We extend the use of captcha as human present recog nition as well as graphical password hence it provi des all benefits of captcha and make system more powerful f rom security point of view.
Authentication Scheme for Session Password using matrix Colour and Text IOSR Journals
The most common method used for authentication is Textual passwords. But textual passwords are
in risk to eves dropping, dictionary attacks, social engineering and shoulder surfing. Graphical passwords are
introduced as alternative techniques to textual passwords. Most of the graphical schemes are helpless to
shoulder surfing. To address this problem, text can be combined with images or colors to generate session
passwords for authentication. Session passwords can be used only once and every time a new password is
generated. In this paper, two techniques are proposed to generate session passwords using text and colors
which are resistant to shoulder surfing. These methods are suitable for Personal Digital Assistants.
TEXTUAL passwords have been the most widely used authentication method for decades. Comprised of number sand upper- and lower-case letters, textual passwords are considered strong enough to resist against brute force
attacks. However, a strong textual password is hard to memorize and recollect .Therefore, users tend to choose passwords that are either short or from the dictionary, rather than random alphanumeric strings.
Various graphical password authentication schemes
were developed to address the problems and weaknesses associated with textual passwords. Based on some studies such as those in , humans have a better ability to memorize images with long-term memory(LTM) than verbal representations. Image-based passwords were proved to be easier to recollect in several user studies As a result, users can set up a complex authentication password and are capable of recollecting it after a long time even if the memory is not activated periodically.
The human actions such as choosing bad passwords for
new accounts and inputting passwords in an insecure way for later logins are regarded as the weakest link in the authentication chain [16]. Therefore, an authentication scheme should be designed to overcome these vulnerabilities.
In this paper, we present a secure graphical authentication system named Pass Matrix that protects users from becoming victims of shoulder surfing attacks when inputting passwords in public through the usage of one-time login indicators. A login indicator is randomly generated for each pass-image and will be useless after the session terminates. The login indicator provides better security against shoulder surfing attacks, since users use a dynamic pointer to point out the position of their passwords rather than clicking on
the password object directly.
Presentation on Graphical password-technology to make system more securedSanjeev Kumar Jaiswal
A graphical password is an authentication system that works by having
the user select from images, in a specific order, presented in a graphical
user interface (GUI). Graphical passwords may offer better security than
text-based passwords because many people, in an attempt to memorize
text-based passwords, use plain words
A Graphical Password Scheme using Persuasive Cued Click PointsIJMER
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
A novel multifactor authentication system ensuring usability and securityijsptm
User authentication is one of the most important part of information security. Computer security most
commonly depends on passwords to authenticate human users. Password authentication systems will be
either been usable but not secure, or secure but not usable. While there are different types of authentication
systems available alphanumeric password is the most commonly used authentication mechanism. But this
method has significant drawbacks. An alternative solution to the text based authentication is Graphical
User Authentication based on the fact that humans tends to remember images better than text. Graphical
password authentication systems provide passwords which are easy to be created and remembered by the
user. However, the main issues of simple graphical password techniques are shoulder surfing attack and
image gallery attack. Studies reveals that most of the graphical passwords are either secure but not usable
or usable but not secure. . In this paper, a new technique that uses cued click point graphical password
method along with the use of one-time session key is proposed. The goal is to propose a new authentication
mechanism using graphical password to achieve higher security and better usability levels. The result of
the system testing is evaluated and it reveals that the proposed system ensures security and usability to a
great extent.
Folder Security Using Graphical Password Authentication Schemepaperpublications3
Abstract: Now a day most of the user are facing problem for providing the security to the folder, so that it will not be accesses by the unauthorized user. Taking in action all these problems I have designed a model which will provide a best security to your folders using graphical password authentication model. Graphical passwords are an alternative to alphanumeric passwords in which users click on images to authenticate themselves rather than type alphanumeric strings. We have developed one such system, called Pass Points, and evaluated it with human users. Beginning around 1999, a multitude of graphical based password scheme which have been proposed as alternative to text based password scheme, motivated by the promise of improved password memorability and thus usability. This paper presents a detailed evaluation of the Pass Points and pattern matching password scheme which provides high level of security and provides security to your folder.
A Well Known Tool Based Graphical Authentication Technique cscpconf
Authentication is the first step of information security. Authentication schemes require users to
memorize the passwords and recall them during log-in time. Traditional text-based
authentication schemes have memorability problems for secure passwords. Graphical password
schemes are introduced as alternatives to text based schemes. Many techniques have been
designed using single image or multiple images. Few grid based authentication techniques are
proposed. This paper introduces a new authentication technique based on a well known tool.
The most popular game especially in rural areas, “Snakes and Ladders” is used as a tool in
authentication technique. The usage of this tool increases the memorability and usability of
passwords.
Authentication plays a major role in Digital environment. In this environment we have different methods which generally use alphanumeric characters and special characters for password creation. These methods have some problems like hard to remember password because it has no meaning and easily breakable by third parties or attackers. To address these issues, many techniques for authentication are proposed from which graphical password method is best in terms of cost and usage. Basically, Graphical passwords use images for password creation and it has some demerits like hotspot and shoulder surfing problem. A persuasive cued click-point based method reduces hotspot problem. To prevent persuasive cued click-point based method from shoulder surfing we include one time password. For more user convenience we provide two login
methods one which requires internet and other which does not
require internet.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Count based hybrid graphical password to prevent brute force attack and shoul...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
GENERATION OF SECURE ONE-TIME PASSWORD BASED ON IMAGE AUTHENTICATIONcscpconf
Phishing, a serious security threat to Internet users is an e-mail fraud in which the perpetrator
sends out an email which looks like legitimate, in an order to gather personal and financial
information of the receiver. It is important to prevent such phishing attacks. One of the ways to
prevent the password theft is to avoid using passwords and to authenticate a user without a text
password. In this paper, we are proposing an authentication service that is image based and
which eliminates the need for text passwords. Using the instant messaging service available in
internet, user will obtain the One Time Password (OTP) after image authentication. This OTP
then can be used by user to access their personal accounts. The image based authentication
method relies on the user’s ability to recognize pre-chosen categories from a grid of pictures.
This paper integrates Image based authentication and HMAC based one time password to
achieve high level of security in authenticating the user over the internet. These algorithms are
very economical to implement provided they are time synchronized with the user.
Graphical Password Authentication using image Segmentation for Web Based Appl...ijtsrd
One of the most important topics in information security today is user authentication. User authentication is a fundamental component in most computer security contexts. It provides the basis for access control and user accountability. While there are various types of user authentication systems, alphanumeric passwords are the most common type of user authentication. They are versatile and easy to implement and use. However, it can either be long and secure or short and hard to remember. A graphical based password is one promising alternatives of textual passwords. According to human psychology, humans are able to remember pictures easily. In this paper, graphical passwords have been designed to try to make password more memorable and easier for people to use, and it is less vulnerable to brute force attacks than a text based password. The aim of the system is to implement a strong security. The proposed system segments the image like a grid, which has a maximum four fragments. Then, each segment of the image is dragged in a particular sequence onto an empty grid of size 6x6 and placed on a particular segment of the empty grid, to form the user' password. When the user logs into the system, the user needs to drag each segment of the image onto the same empty grid of size 6x6 in the correct sequence and position of the segments that user had specified during registration. Maw Maw Naing | Ohnmar Win ""Graphical Password Authentication using image Segmentation for Web Based Applications"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-4 , June 2019, URL: https://www.ijtsrd.com/papers/ijtsrd25184.pdf
Paper URL: https://www.ijtsrd.com/engineering/electronics-and-communication-engineering/25184/graphical-password-authentication-using-image-segmentation-for-web-based-applications/maw-maw-naing
SHUFFLED INPUT GRAPHICAL PASSWORD AUTHENTICATION SCHEMES BUILT ON CAPTCHA TEC...ijiert bestjournal
When we consider the online service or desktop appl ication there is major issue of security breaching. Old password schemes has some drawbacks like hacking of password,shoulder-surfing attack as far as password is con cern,online password guessing attack,relay attack. Hence there must be system that provides good solution for suc h password cracking attacks. There are many solutions for it a nd various password schemes available that achieves this. The main drawback of these schemes is that users have t o deal with complicated and tedious steps as far as registration and login of user is concern as its logic contains some intense AI processes. These complicated AI pro cesses are exhaustive for common user of the system. In this p aper we proposed authentication scheme which consis t of graphical password based captcha challenge image. I t consists of both a captcha and a graphical passwo rd schemes. We extend the use of captcha as human present recog nition as well as graphical password hence it provi des all benefits of captcha and make system more powerful f rom security point of view.
Authentication Scheme for Session Password using matrix Colour and Text IOSR Journals
The most common method used for authentication is Textual passwords. But textual passwords are
in risk to eves dropping, dictionary attacks, social engineering and shoulder surfing. Graphical passwords are
introduced as alternative techniques to textual passwords. Most of the graphical schemes are helpless to
shoulder surfing. To address this problem, text can be combined with images or colors to generate session
passwords for authentication. Session passwords can be used only once and every time a new password is
generated. In this paper, two techniques are proposed to generate session passwords using text and colors
which are resistant to shoulder surfing. These methods are suitable for Personal Digital Assistants.
TEXTUAL passwords have been the most widely used authentication method for decades. Comprised of number sand upper- and lower-case letters, textual passwords are considered strong enough to resist against brute force
attacks. However, a strong textual password is hard to memorize and recollect .Therefore, users tend to choose passwords that are either short or from the dictionary, rather than random alphanumeric strings.
Various graphical password authentication schemes
were developed to address the problems and weaknesses associated with textual passwords. Based on some studies such as those in , humans have a better ability to memorize images with long-term memory(LTM) than verbal representations. Image-based passwords were proved to be easier to recollect in several user studies As a result, users can set up a complex authentication password and are capable of recollecting it after a long time even if the memory is not activated periodically.
The human actions such as choosing bad passwords for
new accounts and inputting passwords in an insecure way for later logins are regarded as the weakest link in the authentication chain [16]. Therefore, an authentication scheme should be designed to overcome these vulnerabilities.
In this paper, we present a secure graphical authentication system named Pass Matrix that protects users from becoming victims of shoulder surfing attacks when inputting passwords in public through the usage of one-time login indicators. A login indicator is randomly generated for each pass-image and will be useless after the session terminates. The login indicator provides better security against shoulder surfing attacks, since users use a dynamic pointer to point out the position of their passwords rather than clicking on
the password object directly.
Presentation on Graphical password-technology to make system more securedSanjeev Kumar Jaiswal
A graphical password is an authentication system that works by having
the user select from images, in a specific order, presented in a graphical
user interface (GUI). Graphical passwords may offer better security than
text-based passwords because many people, in an attempt to memorize
text-based passwords, use plain words
A Graphical Password Scheme using Persuasive Cued Click PointsIJMER
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
A novel multifactor authentication system ensuring usability and securityijsptm
User authentication is one of the most important part of information security. Computer security most
commonly depends on passwords to authenticate human users. Password authentication systems will be
either been usable but not secure, or secure but not usable. While there are different types of authentication
systems available alphanumeric password is the most commonly used authentication mechanism. But this
method has significant drawbacks. An alternative solution to the text based authentication is Graphical
User Authentication based on the fact that humans tends to remember images better than text. Graphical
password authentication systems provide passwords which are easy to be created and remembered by the
user. However, the main issues of simple graphical password techniques are shoulder surfing attack and
image gallery attack. Studies reveals that most of the graphical passwords are either secure but not usable
or usable but not secure. . In this paper, a new technique that uses cued click point graphical password
method along with the use of one-time session key is proposed. The goal is to propose a new authentication
mechanism using graphical password to achieve higher security and better usability levels. The result of
the system testing is evaluated and it reveals that the proposed system ensures security and usability to a
great extent.
Folder Security Using Graphical Password Authentication Schemepaperpublications3
Abstract: Now a day most of the user are facing problem for providing the security to the folder, so that it will not be accesses by the unauthorized user. Taking in action all these problems I have designed a model which will provide a best security to your folders using graphical password authentication model. Graphical passwords are an alternative to alphanumeric passwords in which users click on images to authenticate themselves rather than type alphanumeric strings. We have developed one such system, called Pass Points, and evaluated it with human users. Beginning around 1999, a multitude of graphical based password scheme which have been proposed as alternative to text based password scheme, motivated by the promise of improved password memorability and thus usability. This paper presents a detailed evaluation of the Pass Points and pattern matching password scheme which provides high level of security and provides security to your folder.
A Well Known Tool Based Graphical Authentication Technique cscpconf
Authentication is the first step of information security. Authentication schemes require users to
memorize the passwords and recall them during log-in time. Traditional text-based
authentication schemes have memorability problems for secure passwords. Graphical password
schemes are introduced as alternatives to text based schemes. Many techniques have been
designed using single image or multiple images. Few grid based authentication techniques are
proposed. This paper introduces a new authentication technique based on a well known tool.
The most popular game especially in rural areas, “Snakes and Ladders” is used as a tool in
authentication technique. The usage of this tool increases the memorability and usability of
passwords.
Passblot: A Highly Scalable Graphical One Time Password SystemIJNSA Journal
User authentication is necessary to secure the data and process on Internet and in digital devices. Static text based authentication are most widely employed authentication systems for being inexpensive and highly scalable. But they are prone to various types of active and passive attacks. The constant need of extending them to increase security is making them less usable. One promising alternative is Graphical
authentication systems, which if implemented properly are more secure but have their own drawbacks. In this paper, we discuss in detail the extension of our previous work Passblot [18], a unique graphical authentication system. It generates pseudo random one time passwords using a set of inkblots, unique to
each user. Properties of one time passwords ensure the resistance towards various common attacks and the uniqueness of human perception makes it usable. We demonstrate how our system effectively mitigates various attacks and analyse the results from various experiments conducted.
PassBYOP: Bring Your Own Picture for Securing Graphical PasswordsKamal Spring
PassBYOP is a new graphical password scheme for public terminals that replaces the static digital images typically used in graphical password systems with personalized physical tokens, herein in the form of digital pictures displayed on a physical user-owned device such as a mobile phone. Users present these images to a system camera and then enter their password as a sequence of selections on live video of the token. Highly distinctive optical features are extracted from these selections and used as the password. We present three feasibility studies of PassBYOP examining its reliability, usability, and security against observation. The reliability study shows that image-feature based passwords are viable and suggests appropriate system thresholds—password items should contain a minimum of seven features, 40% of which must geometrically match originals stored on an authentication server in order to be judged equivalent. The usability study measures task
completion times and error rates, revealing these to be 7.5 s and 9%, broadly comparable with prior graphical password systems that use static digital images. Finally, the security study highlights PassBYOP’s resistance to observation attack—three attackers are unable to compromise a password using shoulder surfing, camera based observation, or malware. These results indicate that Pass- BYOP shows promise for security while maintaining the usability of current graphical password schemes.
Data hiding in graphical password authentication using combinationnuruladnan11
Steganography is the art of hiding data in a seemingly innocuous cover medium. For example – any sensitive data can be hidden inside a digital image. Steganography provides better security than cryptography because cryptography hides the contents of the message but not the existence of the message. So no one apart from the authorized sender and receiver will be aware of the existence of the secret data. Steganographic messages are often first encrypted by some traditional means and then a cover image is modified in some way to contain the encrypted message. The detection of steganographically encoded packages is called steganalysis. In this paper, we propose three efficient Steganography techniques that are used for hiding secret messages. They are LSB based Steganography, Steganography using the last two significant bits and Steganography using diagonal pixels of the image. Symmetric and asymmetric key cryptography has been used to encrypt the message.
Abstract - A password is a sequence of characters used to determine whether the user is authenticated or not. Nowadays most of the password is text-based. Since text based password is hard to remember people try to use simple memorable password such as pet names, phone number, etc. which are easy to break by intruders. The main idea behind the paper is to replace the text-based passwords by image based password and encrypt using RSA algorithm. Our experimental result shows that image passwords are easy to remember, better than the text.
Abstract - A password is a sequence of characters used to determine whether the user is authenticated or not. Nowadays most of the password is text-based. Since text based password is hard to remember people try to use simple memorable password such as pet names, phone number, etc. which are easy to break by intruders. The main idea behind the paper is to replace the text-based passwords by image based password and encrypt using RSA algorithm. Our experimental result shows that image passwords are easy to remember, better than the text.
strong passwords such as alphanumeric or graphical passwords. Alphanumerical passwords are not more secure
than graphical passwords. Hackers can easily guess the password with the help of tools such as dictionary attacks.
Information security is the most important factor now a days. To provide security for the cloud we are using
graphical password authentication. Graphical password is the alternative solution for alphanumeric passwords to
provide more security. Graphical password are more secure than alphanumeric passwords. It is quite difficult for the
users to remember the alphanumeric passwords. According to psychological studies the human mind can easily
capture images than alphabets or digits. In this paper we are going to give authentication to cloud services by using
graphical password authentication. We are providing an algorithm which is based on selection of username and
images as a password. In this paper we are to trying to give set of images on the basis of alphabets sequence position
of characters in username. In this paper we will access cloud services using graphical password authentication.
Research Paper on Android Graphical Image Passwordijtsrd
Security of authentication is needed to be provided superlatively to secure users ‘personal and exchange information, since online information exchange systems, have been developed according to internet speed. Therefore, the aim of the chapter is to develop a current graphical password scheme based on recall and create and implement anew graphical password scheme composed of three layer verification. We programmed our scheme in order to use in a section of anonymous information exchange system and user’s registration of trading chat room. While we conducted survey on users by accessing participants to our system lied in participants’ local network and we analyzed in accordance with the average length of their created password and statistical significance of entropy bit. From the survey of total participants, our scheme has statistical significance, furthermore, it was proved that it can secure from a variety of attacks as entropy bit was high. Raja Saha | Dr. Umarani Chellapandy "Research Paper on Android Graphical Image Password" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-6 | Issue-3 , April 2022, URL: https://www.ijtsrd.com/papers/ijtsrd49859.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/49859/research-paper-on-android-graphical-image-password/raja-saha
CAPTCHA as Graphical Password: A Novel Approach to Enhance the Security in WWWIJLT EMAS
This research aims to study the existing password
scheme and to design and develop a new improved graphical
password scheme. A novel protection primitive is presented in
view of strong AI problems namely a new family of graphical
password scheme built up on top of captcha technology, which
we call Captcha as graphical password (CaRP). CaRP is both a
captcha and graphical password scheme. CaRP addresses
number of security issues altogether for example, online guessing
attacks, relay attacks and if combined with dual -view
technologies shoulder-surfing attacks. CaRP likewise offers a
novel way to deal with address the notable image hotspot
problem in well-known
MULTI DIMENSIONAL STERLING CONCEPTION FOR SYSTEM SECURITYijiert bestjournal
Apart from being liable to social engineering atta cks,text primarily based secrets are either weak-a nd-memorable or secure-but-difficult-to-remember If the password is machine generated it's mostly sophisticated for us er to stay in mind. User each secret victimization cued click poi nts graphical secret theme includes memorability,u sability and security evaluations. By victimization graphical se cret theme shoulder aquatics attack,masquerading a nd eavesdropping will be reduced. For authentication p urpose the graphical based mostly technique is empl oyed. The aim of this paper is increasing the protection area and avoiding the weakness of typical secret. . The re are phases in making a powerful graphical secret theme from last two decades,with the promise that the graphical se crets would supply improved password memo ability and usefulnes s. The three techniques that we have a tendency to use here is PCCP (PERSUASIVE CUED CLICK POINTS),Grid-Based Aut hentication,color Based Authentication. After successfully verification of these three techniques user can able to access the Secure Application. So new scheme will provide the strong security using 3D i.e. secr ete user name,graphical password,color password. These techniques will be used for any online/offline syst em.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
The Art of the Pitch: WordPress Relationships and Sales
Enhancement of Shoulder-Surfing Resistant Graphical Password Scheme for Cloud using Caesar Cipher Technique
1. Enhancement of Shoulder-Surfing Resistant
Graphical Password Scheme for Cloud using
Caesar Cipher Technique
R.Vijayakumari 1
, K.Gangadhara Rao 2
, B.Basaveswara Rao 3
1
Department of Computer Science,
Krishna University, Machilipatnam, India
2,3
Department of Computer Science,
Acharya Nagarjuna University, Guntur, India
1
vijayakumari28@gmail.com, 2
kancherla123@gmail.com, 3
bbrao@alu.ac.in
Abstract- Password prevents unauthorized access to the data and also provides high security and confidentiality. Due to
various drawbacks in text based passwords, graphical password authentication was developed as an alternative.
Graphical passwords also provide more security when compared to text based. In graphical password authentication,
users click on images to set their passwords. Images are generally easier to be remembered than text. In graphical
password authentication users can set images as their password. Caesar Cipher Technique is an encryption
technique used for secure transmission of textual data. In this paper, this technique is applied for graphical
password in order to provide enhanced security to the user.
Keywords – Graphical Password, Authentication, Shoulder-Surfing, Usability, Security
I. INTRODUCTION
Providing system security for the user has become more important in present days. So password is provided for
authentication. There are different authentication mechanisms for providing security. Prominent among them is
alpha numeric passwords which provides high security are also known as text based passwords. A password in text
based system contains a string of letters and digits. Therefore, these text-based passwords are stronger enough. But,
the security of this password is directly proportional to the complexity of the password [1]. However, text based
passwords are easy to guess. They are even prone to dictionary attacks, brute force attacks, key logger, social
engineering etc. That is why an alternative approach for text-based passwords, called Graphical Password
Authentication has been developed, to provide more security to the user. In this system of authentication, user has to
select a set of images in a particular order as his/her password. The images that are to be selected can be of any type
like an image of a flower, animal, place, person, vegetable, etc. Users are good at remembering or recognizing
images better than the text [2]. But, shoulder-surfing is the significant problem in graphical password authentication.
Shoulder-surfing means looking over someone’s shoulder to steal the password. To deal with this problem both the
Recognition and Recall based techniques are used. In Recall based authentication technique, a user has to reproduce
the thing in the same way as they are created or selected at the time of registration. In Recognition based technique,
a set of images are presented to the user at the time of authentication, from which he/she has to select correct images
in a sequential order. Caesar Cipher technique is the earliest known and the simplest substitution cipher [3]. It was
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 15, No. 9, September 2017
222 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
2. first used for blocks of text. This technique involves replacing each letter of the alphabet with the letter standing ‘k’
places further down the alphabet. Here, ‘k’ is called the key and takes on a value from 1 to 25.
II. RELATED WORKS
Graphical passwords have been proposed as a possible alternative to text-based password. Blonder [4] first
introduced the concept of graphical password. Later, Dhamija et al proposed Deja Vu [5] which is, in effect, a
recognition-based graphical password scheme. At present there are many approaches available for graphical
password based authentication system, although, Xiaoyuan Suo et al [6] mentioned that this scheme is still under
research and require more experiments to finally deploy in the market. Sobrado and Birget [7] proposed a graphical
password technique which acts as a shoulder surfing resistant, in which system displays a specific number pf pass
objects (pre-selected by the users) from many objects that are given. In Man et al. [6] algorithms a number of images
are selected by user as pass-objects. Each pass-object with a unique code has several variants. During authentication
process several scenes are presented before user. Jansen et al [8] proposed a mechanism based on graphical
password for mobile devices. Takada and Koike [9] discussed a similar technique for mobile devices. Real User
Corporation developed a Pass-face algorithm [10] where user is asked to select four images from database as their
password. Ali Mohamed et al [11] proposed Recognition Based Graphical Password interface. Here, author has
presented “Graphical Password Prototype Design”. Its features were about ease of use, memorize, creation, learning
and satisfaction. To create the password the user should choose three images and sort them as he want in some order
and save them. While login, user selects only these images for authentication. K. Gangadhara Rao et al [12]
proposed a click based graphical password authentication system. There are two phases – registration and login. The
user has to register by giving his username and password and the selected password is shifted circularly to the right
by one character and stored in the database. Login procedure happens in four sages and in each stage the entered
input is compared with the rotated, stored, password string by shifting one character to the left by ‘n’ number of
times. Here ‘n’ represents the number of iteration. If all the four stages are successfully passed by the user, then he is
allowed to access the system. Vijayakumari Rodda et al [13] proposed a Shoulder-surfing Resistant Graphical
Password Scheme in which the user uses a variable grid for selecting password images during login. But this scheme
was only 70% secure when the user uses the key board for login procedure. Amish shah et al [14] proposed
shoulder-surfing resistant graphical password system to minimize the search time to find the pass-images on a login
screen. This scheme uses texts in images instead of objects such that quicker recognition can take place. Each and
every image has two characters in it. The user can select an alpha numeric pass phrase at the time of registration.
During login, the user will have to move the frames with appropriate characters and arrange them as per the
alignment chosen during registration. Abutalha et al [15] proposed an alignment based graphical password scheme.
It has two phases: select, training phase and identification phase. In first phase, user has to register username and
password pictures. He is also trained to remember images in this phase. In the second phase, user has to identify and
align the pass pictures displayed in circles. The number of circles displayed is equal to number of password pictures
selected. Each and every circle consists of only one pass picture during login. So, he has to align them and submit
them to get access to the system. Mrs.Gokhale et al [16] introduced a graphical password technique which has two
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 15, No. 9, September 2017
223 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
3. phases called registration and login. During registration, the user has to select some even number of images to set as
a password. Later any other picture can be selected by the user to select any three questions. The answers to the
questions must be any three regions on the later selected image. User has to click on region of answers and save
them for login purpose along with his other details. During login, the user has to select the appropriate images and
also answer the questions correctly. Amol Bhand et al [17] proposed a click based recognizable graphical password
authentication system. In this system, at the time of registration user gets one system generated text password on his
e-mail on the basis of RGB values of the selected click points of the image. While logging in user has to enter this
text password.
III. EXISTING SYSTEM
As shown in Figure 1 and Figure 2, the existing system [13] has variable grid for displaying pictures in login
interface. The size of the grid is given during login. From the displayed pictures, the user has to select his/her
password pictures correctly to login to the system.
Figure 1. Login interface to enter grid size [13]
Figure 2. Login interface to select images [13]
A. Limitations in the Existing System
The existing system was shoulder-surfing resistant password system used for accessing cloud resources. But, its has
certain limitations.
1. The system is secure only upto 70% when we use mouse to login
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 15, No. 9, September 2017
224 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
4. 2. A chance of cracking a password if the attacker watches the login procedure closely.
B. Modification Suggested for the Existing System
Use Caesar Cipher Technique for giving password input. The encryption and decryption algorithms of Caesar
Cipher are:
C = E(k, P) = (P + k)
P = D(k,C) = (C - k)
Where P is original password, C is encrypted password, and k is key for encryption
Using this technique, the original passwords are hidden and mapped passwords are given each and every time of
login. Therefore, though the attacker observes the login procedure closely, he cannot get the original password.
IV. PROPOSED SYSTEM
The proposed scheme has 1200 pictures in the database for acquiring greater password space as it is in the existing
system. The purpose of the proposed scheme is to enhance the existing shoulder-surfing resistant system in both
security and usability. This scheme contains two phases – Registration Phase and Login Phase. During registration
the user details are registered. The details include user name, e-mail ID, mobile number, and number of pictures for
password. The registration interface is shown in Figure 3.
Figure 3. Registration interface for proposed scheme
During Login, the user enters the encrypted password for authentication. The code for encryption is sent to user’s
mail-id as well as Mobile number. First, the user has to enter his/her user name first and then he/she has to generate
a pass-code for encryption. When the user generates the pass-code, the proposed scheme sends the pass-code to user
email-id as well as his/her mobile number automatically. Basing on the pass-code, the user has to select the images
as his/her password. The login interface is shown in Figure 4.
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 15, No. 9, September 2017
225 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
5. Figure 4. Login interface for proposed scheme
The pass-code for encryption contains an alphabet followed by a number.
Alphabet – L/R/T/B (L – left, R – left, T – top, B – bottom)
Number – 1/2/3/4 (number of positions to slide)
‘Number’ represents the number of positions a user has to move from original pass picture, to select the mapped
pass picture. ‘Alphabet’ represents the direction to move. We assume that the grid is foldable (or rollable) for
applying Caesar Cipher Technique, so that the side edges, touch each other whenever necessary. i.e., first column
will touch last column if you roll (or fold). Similarly, first row will touch last row if you fold. For example in Figure
4, if the pass picture is Pomegranate and the pass-code is R2, then the user has to select Zebra as his password
picture by sliding two positions to the right. If the pass picture is Papaya and the pass-code is T1, then the user has to
select Beans as his picture by moving one position up. If the pass picture is Watermelon and the pass-code is L4,
then the user has to select Cauliflower as his pass picture by moving four positions to the left. Same way if the pass
picture is Elephant and the pass-code is B3, then the user has to select the ‘Picture of Lady with Red Dress’ as his
pass picture by moving 3 positions to the bottom. Limits are set for the two parameters – number of password
pictures and the length of the grid.
Table 1. Limits for No. of Pictures in the Password and Length of Grid
S.No. Password/Grid Upper Limit Lower Limit
1 Number of Pictures in
the Password
07 03
2 Length of the Grid 12 05
V. IMPLEMENTATION
The proposed scheme was implemented using Java. MySQL database was used for storing pictures. ‘Eclipse’ is the
development tool used for application development.
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 15, No. 9, September 2017
226 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
6. Technology Used: Java
Database: MySQL
Development Tool: Eclipse/Net Beans
Figure 5. Implementation of Proposed Scheme
VI. RESULTS AND DISCUSSION
Let ‘N’ be the set of all possible passwords and ‘m’ be the number of pictures in the selected password of a user.
Then, the password space is given by
N = 1200Cm
Let ‘K’ be the set of all possible keys. Then,
K = {L1, L2, L3, L4, R1, R2, R3, R4, T1, T2, T3, T4, B1, B2, B3, and B4}
The password is given in the encrypted format during login and it is decrypted by the proposed system to verify
the authenticity of the user. i.e., E (k, P) = D (k, C). If at all an attacker tries to attack, he has to try with 12 different
keys. And the keys are sent to user instantly at each and every login. So, it is impossible for the attacker to have
knowledge of key at that particular instance. After 3 failed attempts of login, user is alarmed, according to the
proposed system. So, it is impossible for the attacker to crack the password in the proposed system.
A user study was conducted involving 25 post graduate students to study usability, security, and login times for
the proposed scheme, after a learning session on the proposed scheme. The average login time for the proposed
scheme consisting of grid length 5, 6, and 7 was 21.6, 25.6, and 33.6 respectively. The average login times increase
as the number of pictures in the password increases in the proposed scheme. It was also found that 23% of the
participants in the study found the selection of pass pictures are a bit time taking when they chose the lengthy
password length. Shoulder-surfing attack and dictionary attacks are restricted as the user is not directly selecting the
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 15, No. 9, September 2017
227 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
7. original pass pictures and the password pictures are mapped with other input pictures in the interface. In case of
repeated attempts the security grid of the proposed scheme will be ceased and an SMS and e-mail will be sent to
user mobile and mail-id respectively. Hence, the security of the proposed scheme is larger than the existing shoulder
surfing resistant password scheme.
VII.CONCLUSION AND FUTURE WORK
An Enhanced Graphical Password Scheme using Caesar Cipher Technique is proposed to eliminate the shoulder-
surfing attack and brute-force attack. Shoulder-surfing attack is restricted as the user inputs other images as
password in place of the original pass pictures. When the number of login failures exceeds a certain threshold say 3
or 4, the interface sends the message to user via SMS and e-mail. The grid displays the password pictures randomly
at each and every time of login. This restricts the random click attack in the proposed scheme. The proposed scheme
may be extended to ATM machines where the users be authenticated to log into their accounts.
REFERENCES
[1] Authentication Using Graphical Passwords: Basic Results. Susan Wiedenbeck, Jim Waters. College of IST Drexel University Philadelphia,
PA, 19104 USA. Susan.wiedenbeck@cis.drexel.edu jw65@drexel.edu
[2] R.N.Shepard, “Recognition memory for words, sentences, and pictures”, Journal of Verbal Learning and Verbal Behavior, Vol. 6, pp. 156-
163, 1967.
[3] Stallings W. Cryptography and network security: principles and practices. Pearson Education India; 2006.
[4] Blonder, Greg E. "Graphical password." U.S. Patent No. 5,559,961. 24 Sep. 1996.
[5] Dhamija R, Perrig A. Deja Vu-A User Study: Using Images for Authentication. InUSENIX Security Symposium 2000 Aug 14 (Vol. 9, pp.
4-4).
[6] Suo X, Zhu Y, Owen GS. Graphical passwords: A survey. InComputer security applications conference, 21st annual 2005 Dec 5 (pp. 10-
pp). IEEE.
[7] Wiedenbeck S, Waters J, Sobrado L, Birget JC. Design and evaluation of a shoulder-surfing resistant graphical password scheme.
InProceedings of the working conference on Advanced visual interfaces 2006 May 23 (pp. 177-184). ACM.
[8] Jansen W. Authenticating mobile device users through image selection. WIT Transactions on Information and Communication
Technologies. 2004 Apr 7;30.
[9] Takada T, Onuki T, Koike H. Awase-e: Recognition-based image authentication scheme using users' personal photographs. InInnovations
in Information Technology, 2006 2006 Nov (pp. 1-5). IEEE.
[10] RealUser, "www.realuser.com," last accessed in June 2005.
[11] Eljetlawi AM. Graphical password: Usable graphical password prototype. J. Int'l Com. L. & Tech.. 2009;4:298.
[12] Rao KG, Vijayakumari R, Rao BB. 4-STAGE GRAPHICAL PASSWORD AUTHENTICATION SCHEME FOR CLOUD. Journal of
Theoretical and Applied Information Technology. 2017;95(1):105.
[13] Vijayakumari Rodda, Gangadhar Rao Kancherla, Basaveswara Rao Bobba. Shoulder-Surfing Resistant Graphical Password System for
Cloud. International Journal of Applied Engineering Research. 2017. Vol 12(16). Pp. 6091-6096.
[14] Shah, A., Ved, P., Deora, A., Jaiswal, A. and D'silva, M., 2015. Shoulder-surfing Resistant Graphical Password System. Procedia Computer
Science, 45, pp.477-484.
[15] Danish, A., Sharma, L., Varshney, H. and Khan, A.M., 2016, March. Alignment based graphical password authentication system.
In Computing for Sustainable Global Development (INDIACom), 2016 3rd International Conference on (pp. 2950-2954). IEEE.
[16] Gokhale, M.A.S. and Waghmare, V.S., 2016. The shoulder surfing resistant graphical password authentication technique. Procedia
Computer Science, 79, pp.490-498.
[17] Bhand, A., Desale, V., Shirke, S. and Shirke, S.P., 2015, December. Enhancement of password authentication system using graphical
images. In Information Processing (ICIP), 2015 International Conference on (pp. 217-219). IEEE.
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 15, No. 9, September 2017
228 https://sites.google.com/site/ijcsis/
ISSN 1947-5500