A New Graphical Password Scheme Resistant to Shoulder-Surfing

Gao, Haichang; Ren, Zhongjie; Chang, Xiuling; Liu, Xiyang; Aickelin, Uwe

doi:10.2139/ssrn.2829284

Cited by 13 publications

(12 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In this research, we aim to develop a method where a password as well as a picture hand-drawn by the user are needed during the login process. This is different from other existing image authentication mechanisms [5,6], which only allow users to choose a pre-defined picture rather than letting them draw by themselves.…”

Section: Introductionmentioning

confidence: 89%

Improving Security with Two-factor Authentication Using Image

Mahitthiburin

Boonkrong

2015

KMUTNB: IJAST

View full text Add to dashboard Cite

Most of today's authentication mechanisms only involve the use of username and password. This is known as one-factor authentication. Even though the method is the most commonly used, there have been problems with its security. This research, therefore, aims to design and develop a two-factor authentication that can improve the security of authentication mechanism. The proposed method contains an extra factor of authentication in image. Combining with the use of username and password, users are allowed to draw anything they want to make up another factor. This makes it different from other existing image authentication mechanisms which force users to choose pre-defined images. The proposed method was tested with thirty users to determine the most appriate security threshold. The performance of the system was evaluated, and the satisfactory survey was also taken.

show abstract

Section: Introductionmentioning

confidence: 89%

Improving Security with Two-factor Authentication Using Image

Mahitthiburin

Boonkrong

2015

KMUTNB: IJAST

View full text Add to dashboard Cite

show abstract

“…Their study results proved the superiority of retention of multiple graphical passwords over multiple PINs and that mnemonics could aid even the recall of multiple graphical passwords. The use of mnemonics and degraded images in a recognition-based system was also studied in [60]. This scheme, which borrowed its ideas from the story scheme, used a trace line across both the user's pass-images and the distractor images, to safeguard against the shoulder-surfing problem.…”

Section: Page 24mentioning

confidence: 99%

“…The user is then expected to click on these click points in exactly the same order as they did during registration in order to authenticate. The click points scheme is considered a cued recall based system and is one of the most studied graphical authentication systems today [60]. The difference between the new system and the system proposed by Blonder is that this system does not impose any restrictions on click points.…”

Section: A the Passpoints Schemementioning

confidence: 99%

Security and User Interface Usability of Graphical Authentication Systems – A Review

Suru¹,

Murano²

2019

IJCTT

View full text Add to dashboard Cite

Alphanumeric text and PINs continue to be the dominant authentication methods in spite of the numerous concerns by security researchers of their inability to properly address usability and security flaws and to effectively combine usability and security. These flaws have, however, contributed to the growing research interest in the development and use of graphical authentication systems as alternatives to text based systems. Graphical passwords or graphical authentication systems are password systems that use images rather than characters or numbers in user authentication. In spite of the growing acceptance of graphical passwords, empirical studies have shown that graphical authentication systems have also inherited some of the flaws of text-based passwords. These flaws include predictability, vulnerability to observational attacks and the inability of systems to efficiently combine security with usability. Hence, there is a continued quest to find a "system" that has both strong usability and strong security. This paper is a detailed review of the current state of research into graphical authentication systems. The paper considers in detail some of the mechanisms used in graphical authentication, along with the flaws and strengths of each. The paper also concludes with some suggested ways forward.

show abstract

“…This approach also makes it easier to memorize the password, simpler to use and has more security. Given the two assumptions that humans can recall images better than numbers and words and the notion that a picture is more valuable than a thousand "passwords", software companies and psychological researches appear to concur with this approach [16][17][18]. Searchmetric or Cognometric systems, also called Recognition-Based systems, request users to learn and recall image portfolios during password generation, and next in order to log in, identify pictures among the decoys.…”

Section: Introductionmentioning

confidence: 99%

Evaluation of Recognition-Based Graphical Password Schemes in Terms of Usability and Security Attributes

Khodadadi

Islam

Baharun

et al. 2016

IJECE

View full text Add to dashboard Cite

<p>User Authentication is a critical component in information security. Several widely used mechanisms for security to protect services from illegal access include alphanumerical usernames passwords. However, there are several drawbacks attached in this method. For instance, the users themselves usually those passwords that are easy to guess. As difficult passwords are difficult to recall. A new alternative is the graphic-based password and there has been a growing trend in the use of such a password. The human psychology study reveals that humans find it easier to remember pictures as opposed to words. There are two main aspects to the graphical password scheme, namely security and usability. This study comprises of a comprehensive research in the current Recognition-Based graphical password schemes. The common usability attributes and possible attacks on the Recognition-Based graphical password are reviewed, identified and examined in detail. There are several previous surveys on the graphical passwords. The latest research review and summarize graphical password systems concisely and at the same time, analyze usability features for every design. However it was found that there is not a single method that has the most resounding usability attributes. Therefore, this research suggests a set of usability attributes that can be applied into a single Recognition-Based graphical password system. In addition, this study examines and compares success rates on login, login time and memorability of existing systems which are the usability measures most often reported in user studies of graphical passwords. Lastly, a comparison table is revealed to put forth the limitations and strengths of each approach in terms of security and usability.</p>

show abstract

A New Graphical Password Scheme Resistant to Shoulder-Surfing

Cited by 13 publications

References 14 publications

Improving Security with Two-factor Authentication Using Image

Improving Security with Two-factor Authentication Using Image

Security and User Interface Usability of Graphical Authentication Systems – A Review

Evaluation of Recognition-Based Graphical Password Schemes in Terms of Usability and Security Attributes

Contact Info

Product

Resources

About