Securing online password guessing attack

•Download as PPTX, PDF•

4 likes•350 views

This document discusses defenses against password guessing attacks using persuasive click points. It introduces traditional graphical password systems and classifications of passwords. It outlines the disadvantages of existing systems like tokens, knowledge-based passwords, and biometrics. The document then describes Persuasive Cued Click Points (PCCP), which uses a viewport to guide users to select more random passwords within an image. PCCP provides advantages like being easier to remember than alphanumeric passwords while providing better security against brute force and dictionary attacks.

Technology

1
Defenses Against Password Guessing Attacks By Using Persuasive Click Point
Presentation On :-
Presented By :-
Saurav Sinha
(Computer Science Engg.)

Contents
 Objective
 Traditional Graphical Password System
 Classification of Passwords
 Disadvantages of Existing System
 Persuasive Cued Click Points (PCCP)
 System Architecture
 Advantages
 Conclusion
 References
2

 Objective
3
 To force users to select more random, and difficult passwords
to guess.
 To provide better security and easy to remember passwords in
the form of pictures.
 To provide more secure authentication.
 To provide user friendly environment to create password.

 Traditional Graphical Password System
1. Recognition Based Techniques
2. Recall based techniques :-
Pass Points (PP)
4

 Disadvantages Of Existing System
Token based system requires support of knowledge
based system (Keys, Smartcards etc.)
Knowledge based passwords are easily cracked by brute
force and dictionary attacks (Text & Alphanumeric
numbers)
Biometrics based system is more complex and costly
(Fingerprint, Retina, Face Geometry etc.)
6

Persuasive Cued Click Point (PCCP)
 Select a click-point
within the view port.
 Shuffle button to
randomly reposition
the view port
 View port guides users
to select more random
passwords
7

Advantages
 Better to remember a picture then an alphanumeric passwords.
 More restrictive against brute force and dictionary attacks
 More effective in preventing password guessing attacks
10

 Conclusion
 There is a growing interest for Graphical passwords since they are
better than Text based passwords, although the main argument for
graphical passwords is that people are better at memorizing
graphical passwords than text-based passwords
 Persuasive Click point method provides greater security than other
password methods.
11

The most common method used for authentication is Textual passwords. But textual passwords are in risk to eves dropping, dictionary attacks, social engineering and shoulder surfing. Graphical passwords are introduced as alternative techniques to textual passwords. Most of the graphical schemes are helpless to shoulder surfing. To address this problem, text can be combined with images or colors to generate session passwords for authentication. Session passwords can be used only once and every time a new password is generated. In this paper, two techniques are proposed to generate session passwords using text and colors which are resistant to shoulder surfing. These methods are suitable for Personal Digital Assistants.

A Graphical Password Scheme using Persuasive Cued Click Points

IJMER

Shoulder surfing resistant graphical and image based login system

Akshay Surve

TO GET THIS PROJECT COMPLETE SOURCE ON SUPPORT WITH EXECUTION PLEASE CALL BELOW CONTACT DETAILS MOBILE: 9791938249, 0413-2211159, WEB: WWW.NEXGENPROJECT.COM,WWW.FINALYEAR-IEEEPROJECTS.COM, EMAIL:Praveen@nexgenproject.com NEXGEN TECHNOLOGY provides total software solutions to its customers. Apsys works closely with the customers to identify their business processes for computerization and help them implement state-of-the-art solutions. By identifying and enhancing their processes through information technology solutions. NEXGEN TECHNOLOGY help it customers optimally use their resources.

Three Level Security System Using Image Based Aunthentication

Bro Jayaram

Implementation of Knowledge Based Authentication System Using Persuasive Cued...

IOSR Journals

Pass byo bring your own picture for securing graphical passwords

LeMeniz Infotech

PassBYO Bring Your Own Picture for Securing Graphical Passwords Web : http://www.lemenizinfotech.com Web : http://ieeemaster.com Web : http://www.lemenizinfotech.com/android-ieee-projects-2016-2017-2/ Web : http://ieeemaster.com/android-ieee-projects-2016-2017/ Address: 36, 100 Feet Road(Near Indira Gandhi Statue), Natesan Nagar, Pondicherry-605 005 Contact numbers: +91 95663 55386, 99625 88976 (0413) 420 5444 Mail : projects@lemenizinfotech.com Mobile : 9566355386 / 9962588976

Graphical password authentication

bhavana sharma

A graphical password authentication system (ieee 2011) 1Shaibi Varkey

Graphical password based hybrid authentication system for smart hand held dev...

Alexander Decker

Ce36484489IJERA Editor

Graphical password authenticationAsim Kumar Pathak

Graphical Password Authenticationimp.docx2Raghu Vamsy Sirasala

Psdot 2 design and implementation of persuasive cued click-points and evalua...

ZTech Proje

Graphical password minor report

Love Kothari

Graphical Password Authentication

Dhvani Shah

Graphical password authentication using pccp with sound signature

eSAT Journals

Abstract Persuasive Cued-Click Point is an advanced method of cued click point of graphical password technique which includes usability and security evaluations. It also useful for reduces hotspot problem and hence it helps the user in selecting password of higher security. This paper includes the persuasion to influence user choice in click based graphical passwords, so that users select more desultory and more difficult to guess the passwords. In this paper includes sound signature for recover the password if user forgot password or click point ,then playing the sound signature which is selected at registration time then it set new password and access the account. This paper include dead zone new concept to avoiding Shoulder surfing attack in graphical password authentication. Keywords: Graphical Password, Authentication, Password Images, and PCCP etc…

Engineering Project of Venkata Krishnabanda5630

Training report of PLC

Sumit Patidar

Session Hijacking ppt

Harsh Kevadia

Collaboration Diagram

fahad_uaar

What's hot

Graphical password authentication system pptsNimisha_Goel

graphical password authenticationAkhil Kumar

Image Based Authentication System

PRINCE PRANAV

Graphical Password Authentication

Abha nandan

A SHOULDER SURFING RESISTANT GRAPHICAL AUTHENTICATION SYSTEM

Nexgen Technology

Three Level Security System Using Image Based Aunthentication

Bro Jayaram

Implementation of Knowledge Based Authentication System Using Persuasive Cued...

IOSR Journals

Pass byo bring your own picture for securing graphical passwords

LeMeniz Infotech

Graphical password authentication

bhavana sharma

A graphical password authentication system (ieee 2011) 1Shaibi Varkey

Graphical password based hybrid authentication system for smart hand held dev...

Alexander Decker

Ce36484489IJERA Editor

Graphical password authenticationAsim Kumar Pathak

Graphical Password Authenticationimp.docx2Raghu Vamsy Sirasala

Psdot 2 design and implementation of persuasive cued click-points and evalua...

ZTech Proje

Graphical password minor report

Love Kothari

Graphical Password Authentication

Dhvani Shah

Graphical password authentication using pccp with sound signature

eSAT Journals

What's hot (18)

Graphical password authentication system ppts

graphical password authentication

Image Based Authentication System

Graphical Password Authentication

A SHOULDER SURFING RESISTANT GRAPHICAL AUTHENTICATION SYSTEM

Three Level Security System Using Image Based Aunthentication

Implementation of Knowledge Based Authentication System Using Persuasive Cued...

Pass byo bring your own picture for securing graphical passwords

Graphical password authentication

A graphical password authentication system (ieee 2011) 1

Graphical password based hybrid authentication system for smart hand held dev...

Ce36484489

Graphical password authentication

Graphical Password Authenticationimp.docx2

Psdot 2 design and implementation of persuasive cued click-points and evalua...

Graphical password minor report

Graphical Password Authentication

Graphical password authentication using pccp with sound signature

Viewers also liked

Engineering Project of Venkata Krishnabanda5630

Training report of PLC

Sumit Patidar

Session Hijacking ppt

Harsh Kevadia

Collaboration Diagram

fahad_uaar

Spoofing Techniques

Raza_Abidi

liquid a scalable deduplication file system for virtual machine images

Naseem nisar

SpoofingSanjeev

Viewers also liked (7)

Engineering Project of Venkata Krishna

Training report of PLC

Session Hijacking ppt

Collaboration Diagram

Spoofing Techniques

liquid a scalable deduplication file system for virtual machine images

Spoofing

Similar to Securing online password guessing attack

Three Level Security System Using Image Based Aunthentication

Bro Jayaram

Three Level Security System Using Image Based Aunthentication

Bro Jayaram

Persuasive Cued Click Point Password with OTP

IJCSIS Research Publications

Authentication plays a major role in Digital environment. In this environment we have different methods which generally use alphanumeric characters and special characters for password creation. These methods have some problems like hard to remember password because it has no meaning and easily breakable by third parties or attackers. To address these issues, many techniques for authentication are proposed from which graphical password method is best in terms of cost and usage. Basically, Graphical passwords use images for password creation and it has some demerits like hotspot and shoulder surfing problem. A persuasive cued click-point based method reduces hotspot problem. To prevent persuasive cued click-point based method from shoulder surfing we include one time password. For more user convenience we provide two login methods one which requires internet and other which does not require internet.

Persuasive Cued Click Based Graphical Password with Scrambling For Knowledge ...

IOSR Journals

finale.ppt.pptx

AkashDongre7

7. 9589 1-pb

IAESIJEECS

Nowadays, password based authentication is one the most common way of authentication for most of the user logins. However, the advancement in technology also posing many threats for the password authentication systems. Everybody will be keen to know others password. But there exists a very few who is very keen to devise a new authentication. In this paper, we have proposed a more advanced password authentication method yet a simple one which gives a tough competition for the attacker to break the password. For this, we are providing a special key-display interface to assist the modified cued click point’s technique which helps in the more sophisticated dynamic authentication method. This interface helps to break the single password into a combination of 4 passwords and also adds three more password strings to the current password which is entered. It also uses a special one way encryption algorithm called Nesting 93 which is developed explicitly for this system. It helps to prevent almost any kind of attacks.

Multiple grid based graphical text password authentication

eSAT Publishing House

IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology

Efficient Securing System Using Graphical Captcha

Sankar Anand

Count based hybrid graphical password to prevent brute force attack and shoul...

eSAT Publishing House

Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey

IJSRD

Technology has elevated to grab an important position in humans life, the best example is smartphones. They offer access to network as well as online banking transactions, where simplification of human labour affects security and user authentication, and passwords are first line of defense, itÃ¢â‚¬â„¢s crucial to pick a strong password. Online banking applications currently use alphanumerical usernames and passwords for authentication, which are exposed to eves dropping, attacks, and shoulder surfing. Users often choose either easy to remember passwords, which can be easily guessed or difficult ones, which tend to be forgotten. The paper revolves around the views, limitation of current system and offers a dynamic biometrics, as it can be easily integrated into the existing computer security systems with minimal alteration and user intervention. The main objective is to secure using cued click point (CCP), which is one click based graphical password scheme for sequence of images and measuring, assessing humans typing rhythm, itÃ¢â‚¬â„¢s based upon the human tendency to memorize graphical passwords more comfortably.

Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey

IJSRD

IRJET- Graphical user Authentication for an Alphanumeric OTP

IRJET Journal

Graphical Password Authentication

IRJET Journal

SHUFFLED INPUT GRAPHICAL PASSWORD AUTHENTICATION SCHEMES BUILT ON CAPTCHA TEC...

ijiert bestjournal

When we consider the online service or desktop appl ication there is major issue of security breaching. Old password schemes has some drawbacks like hacking of password,shoulder-surfing attack as far as password is con cern,online password guessing attack,relay attack. Hence there must be system that provides good solution for suc h password cracking attacks. There are many solutions for it a nd various password schemes available that achieves this. The main drawback of these schemes is that users have t o deal with complicated and tedious steps as far as registration and login of user is concern as its logic contains some intense AI processes. These complicated AI pro cesses are exhaustive for common user of the system. In this p aper we proposed authentication scheme which consis t of graphical password based captcha challenge image. I t consists of both a captcha and a graphical passwo rd schemes. We extend the use of captcha as human present recog nition as well as graphical password hence it provi des all benefits of captcha and make system more powerful f rom security point of view.

Cued Click Point Authentication

Nouman Baloch

CARP: AN IMAGE BASED SECURITY USING I-PAS

International Journal of Technical Research & Application

— A CAPTCHA means "Completely Automated Public Turing test to tell Computers and Humans Apart". It is a type of challenge-response test used in computing to determine whether or not the user is human. CaRP is both a Captcha and a graphical password scheme. CaRP addresses a number of security problems altogether, such as online guessing attacks, relay attacks, and, if combined with dual-view technologies, shoulder-surfing attacks. Particularly, a CaRP password can be found only probabilistically by automatic online guessing attacks, even if the password is in the search set. CaRP also offers an approach to address the well-known image hotspot problem in popular graphical password systems, such as PassPoints, which often leads to weak password choices. Thus, a variant to the login/password scheme, using graphical scheme was introduced. But it also suffered due to shoulder-surfing and screen dump attacks. Thus it introduces a framework to proposed (IPAS) Implicit Password Authentication System, which is protected to the common attacks suffered by other authentication schemes.

Secure3 authentication for sensitive data on cloud using textual, chessboard ...

eSAT Journals

Abstract Existing systems of authentication are plagued by many weaknesses. As a high speed cloud infrastructure is being developed and people are informationized, the sensitive data are also engaged in cloud feild. However, the existing cloud sensitive file upload and download on cloud was exposed to the danger of hacking. Recently, the personal information has been leaked by a high degree method such as Phishing or Pharming beyond snatching a user ID and Password. Seeing that most of examples which happened in the file uploading and downloading were caused by the appropriation of ID or Password belonging to others, a safe user confirmation system gets much more essential. In this paper, we propose a new authentication system file uploading and downloading on cloud using HADOOP technique. In HADOOP technique there are 3 technique but we can use HDFS (Hadoop Distributed File System).This authentication system is a combination of a three authentication system i.e. Secure3 in that 1)Textual,2)Chessboard,3)QR-code Authentication. In Textual authentication normal authentication is required to login .i.e username and password. In chessboard authentication user plays a steps of a chessboard and select that steps as authentication. In QR-code used Mobile OTP with the combination of QR-code which is a variant of the 2D barcode. we also include a priority of a sensitive data in that low priority sensitive data have only a Textual authentication system. Medium priority sensitive data have Textual +chessboard authentication system. High priority sensitive data have Textual +chessboard +QR-code authentication system. Keywords: OTP(one Time Password),QR(Quick-Response),CBS(Chess Board System),HDFS (Hadoop Distributed File System),IMEI(International Mobile Center Equipment Identity),AES(Advanced Encryption Standard).

A novel multifactor authentication system ensuring usability and security

ijsptm

User authentication is one of the most important part of information security. Computer security most commonly depends on passwords to authenticate human users. Password authentication systems will be either been usable but not secure, or secure but not usable. While there are different types of authentication systems available alphanumeric password is the most commonly used authentication mechanism. But this method has significant drawbacks. An alternative solution to the text based authentication is Graphical User Authentication based on the fact that humans tends to remember images better than text. Graphical password authentication systems provide passwords which are easy to be created and remembered by the user. However, the main issues of simple graphical password techniques are shoulder surfing attack and image gallery attack. Studies reveals that most of the graphical passwords are either secure but not usable or usable but not secure. . In this paper, a new technique that uses cued click point graphical password method along with the use of one-time session key is proposed. The goal is to propose a new authentication mechanism using graphical password to achieve higher security and better usability levels. The result of the system testing is evaluated and it reveals that the proposed system ensures security and usability to a great extent.

Research ppr

Sara Sahu

otp crid cards

Bayalagmaa Davaanyam

Similar to Securing online password guessing attack (20)

Three Level Security System Using Image Based Aunthentication

Persuasive Cued Click Point Password with OTP

Persuasive Cued Click Based Graphical Password with Scrambling For Knowledge ...

finale.ppt.pptx

7. 9589 1-pb

Multiple grid based graphical text password authentication

Efficient Securing System Using Graphical Captcha

Count based hybrid graphical password to prevent brute force attack and shoul...

Graphical Based Password for Android Phones using Keystroke Dynamics - A Survey

IRJET- Graphical user Authentication for an Alphanumeric OTP

Graphical Password Authentication

SHUFFLED INPUT GRAPHICAL PASSWORD AUTHENTICATION SCHEMES BUILT ON CAPTCHA TEC...

Cued Click Point Authentication

CARP: AN IMAGE BASED SECURITY USING I-PAS

Secure3 authentication for sensitive data on cloud using textual, chessboard ...

A novel multifactor authentication system ensuring usability and security

Research ppr

otp crid cards

Recently uploaded

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

Product School

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Inflectra

In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring. Learn about: • The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks. • Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective. • Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification. • Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process. Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Paul Groth

Generating a custom Ruby SDK for your web service or Rails API using Smithy

g2nightmarescribd

Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Jeffrey Haguewood

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams. Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

FIDO Alliance

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

Ramesh Iyer

In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.

DevOps and Testing slides at DASA Connect

Kari Kakkonen

Bits & Pixels using AI for Good.........

Alison B. Lowndes

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

How world-class product teams are winning in the AI era by CEO and Founder, P...

Product School

Knowledge engineering: from people to machines and back

Elena Simperl

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

91mobiles

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

Product School

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

Product School

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Product School

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

FIDO Alliance

Recently uploaded (20)

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

GraphRAG is All You need? LLM & Knowledge Graph

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Generating a custom Ruby SDK for your web service or Rails API using Smithy

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

DevOps and Testing slides at DASA Connect

Bits & Pixels using AI for Good.........

Epistemic Interaction - tuning interfaces to provide information for AI support

How world-class product teams are winning in the AI era by CEO and Founder, P...

Knowledge engineering: from people to machines and back

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

Securing online password guessing attack

1. 1 Defenses Against Password Guessing Attacks By Using Persuasive Click Point Presentation On :- Presented By :- Saurav Sinha (Computer Science Engg.)

2. Contents  Objective  Traditional Graphical Password System  Classification of Passwords  Disadvantages of Existing System  Persuasive Cued Click Points (PCCP)  System Architecture  Advantages  Conclusion  References 2

3.  Objective 3  To force users to select more random, and difficult passwords to guess.  To provide better security and easy to remember passwords in the form of pictures.  To provide more secure authentication.  To provide user friendly environment to create password.

4.  Traditional Graphical Password System 1. Recognition Based Techniques 2. Recall based techniques :- Pass Points (PP) 4

5. Classifications of passwords5

6.  Disadvantages Of Existing System Token based system requires support of knowledge based system (Keys, Smartcards etc.) Knowledge based passwords are easily cracked by brute force and dictionary attacks (Text & Alphanumeric numbers) Biometrics based system is more complex and costly (Fingerprint, Retina, Face Geometry etc.) 6

7. Persuasive Cued Click Point (PCCP)  Select a click-point within the view port.  Shuffle button to randomly reposition the view port  View port guides users to select more random passwords 7

8. System Architecture 8

9. 9

10. Advantages  Better to remember a picture then an alphanumeric passwords.  More restrictive against brute force and dictionary attacks  More effective in preventing password guessing attacks 10

11.  Conclusion  There is a growing interest for Graphical passwords since they are better than Text based passwords, although the main argument for graphical passwords is that people are better at memorizing graphical passwords than text-based passwords  Persuasive Click point method provides greater security than other password methods. 11

12. References Wikipedia Google 12

13. Thank You 13

Securing online password guessing attack

Recommended

Recommended

More Related Content

What's hot

What's hot (18)

Viewers also liked

Viewers also liked (7)

Similar to Securing online password guessing attack

Similar to Securing online password guessing attack (20)

Recently uploaded

Recently uploaded (20)

Securing online password guessing attack