Graphical Password Authentication Using Cued Click Points

Chiasson, Sonia; Oorschot, Paul C. van; Biddle, Robert

doi:10.1007/978-3-540-74835-9_24

Cited by 207 publications

(177 citation statements)

References 13 publications

(24 reference statements)

Supporting

Mentioning

176

Contrasting

Order By: Relevance

“…In Microsoft Windows 8 graphical password system, the most common password includes an image of a person and clicking three times on the face, where one of the selection points was an eye. In this case, the cued-click points (CCP) [7] system presents a series of images and permits users to choose only a single point per image, decreasing the need to select common hotspots. Interpretation of this method led to authentication times in the range of 7-8 seconds and success rates of about 90-96%.…”

Section: A Cued-recall Password Schemesmentioning

confidence: 99%

Graphical Cipher Ratification System

Chelliah¹

2017

IJRASET

View full text Add to dashboard Cite

Graphical Cipher Ratification System is a new graphical password strategy for common terminals that restores the passive digital models commonly used in graphical password systems with materialized tokens, in the form of digital images shown on device such as a smart phone. Users lay forward these images to a system and then input their password as a chain of options on live display of the token. Unique characteristics are taken from these options and used as the cipher. We lay forward three practicability studies of Graphical Cipher Ratification System exploring its authenticity, benefit, and protection against supervision. The authentication study shows that picture-characterized based passwords are noticeable and recommends necessary system attributes. Passwords should contain seven characteristics, 40% of which must analytically match the ones stored on a reliable server in order to be identical. The work completion time and error rates have to be 7.5 seconds and 9%, largely proportionate with the previous graphical password systems which use unchanging digital pictures. Lastly, the security research highlights Graphical Cipher Ratification System's resistance to inspection attack. Thus, three types of attacks such as shoulder surfing, camera-based surveillance or dictionary attacks will fail to record or notice the user's password. These results imply that Graphical Cipher Ratification System promises security while controlling the benefits of the present graphical password strategy. Index Terms-Graphical cipher, Ratification, digital images, shoulder surfing, surveillance, dictionary attacks I. INTRODUCTION Protected access to data establishes present day systems and services. We preserve our interactions, financial data, official documents, and personal files secured by lending identity information and then validating to that identity. Text passwords as well as personal identification numbers (PINs) are the main authentication method [5] as they are not complex and can be set up on systems such as public terminals, or mobile devices. However, difficult passwords can be forgotten easily [13] and are also subject to security problems. This is a major issue since an average user has 25 online accounts protected with up to six contrasting passwords [12] and showing a significant memory burden. To handle this problem, individuals take up insecure coping strategies such as repetition of passwords across systems, making a note of the passwords, or simply forgetting them completely [1]. To ensure that such issues are eased, researchers are looking at them carefully while putting forward and suggesting graphical password schemes [3], [4] that depend on input such as picking portions of a picture. These systems have been displayed to enhance memorability without disturbing input time and error rates [16] by also maintaining great resistance to brute force as well as guessing attacks [3]. However, graphical passwords have their issues. One such issue is their sensitivity to intelligent guessing [5], [6], [...

show abstract

Section: A Cued-recall Password Schemesmentioning

confidence: 99%

Graphical Cipher Ratification System

Chelliah¹

2017

IJRASET

View full text Add to dashboard Cite

show abstract

“…An attacker starts using a video camera or camera phones to capture an authentication action, user's screen or keyboard as they logged in. And extracts a target user's secret from the video record later (Takada, 2008;Chiasson, 2007). Attackers have recently come up with different vision-enhanced devices to perpetrate this attacks.…”

Section: Shoulder Surfing Attackmentioning

confidence: 99%

An Enhanced Graphical Password Technique Using Fake Pointers

Alese¹,

Omojowo²,

Adesuyi³

et al. 2015

InSITE Conference

View full text Add to dashboard Cite

Security is the degree of resistance to, or protection from harm. It applies to any vulnerable and valuable asset, such as person, community, nation, or organization. Thus, the determination of a user being allowed access to a resource(s) is done cautiously. Alphanumeric password has been used for authentication, however, it is inherently limited. Graphical password is a possible alternative. Consequently, this paper designs a new graphical password technique based on images, rather than alphanumeric strings. Although, graphical password technique is more secure than textual password. It is also vulnerable to attacks. The most common problem therefore with Graphical Password is the Shoulder Surfing problem, also called "PEEPING ATTACK". In this paper, we proposed a user authentication technique called "FAKEPOINTER"-a user authentication technique that conceals users' authentication secret regardless of a shoulder surfer success by video camera(s). In the software designed, a graphical password fake indicator (pointer) is incorporated to enhance users' login (password) against attack. The system is designed to run on windows platform with .Net support with Microsoft Structured Query Language Server as the back end, C# as front end. The system performs better when compared to existing system.

show abstract

“…A good authentication system should encourage robust passwords while preserving memorability [10]. An excellent password authentication system should boost less anticipated passwords along with preserving memorability and security [3].…”

Section: Introductionmentioning

confidence: 99%

Graphical Password Authentication using a Fake Cursor Approach

Jog¹,

Patankar²

2016

IJCA

View full text Add to dashboard Cite

This paper presents a novel method for solving the shoulder surfing problem commonly found in the graphical password authentication system. Authentication of a user is the critical aspect required to gain access to secure and confidential data. Most of the current systems are using alphanumeric password for authentication purpose, however alphanumeric passwords have some disadvantages for example in terms of memorability. So a substitute to alphanumeric passwords, graphical passwords have been recommended. Graphical passwords have been planned to make passwords more unforgettable and effortless for the people to use. During a graphical password authentication, end users click on particular points on images rather than submitting alphanumeric characters. Graphical password schemes can be grouped into two general categories based on the type of cognitive activity required to remember the specific password: recognition and recall. Recognition is the easiest for human memory where on the other hand pure recall is most difficult since the information must be accessed from memory with no triggers. This paper focuses on Cued recall which falls somewhere between these two as it offers a cue which must establish a context and trigger the stored memory. Graphical passwords generally suffer from shoulder surfing problem. The problem of shoulder surfing is solved using a fake cursor approach. This is a new approach in which two cursors are displayed during the login phase and only the authorized user is aware which is the original cursor and which one is the fake cursor.

show abstract

Graphical Password Authentication Using Cued Click Points

Cited by 207 publications

References 13 publications

Graphical Cipher Ratification System

Graphical Cipher Ratification System

An Enhanced Graphical Password Technique Using Fake Pointers

Graphical Password Authentication using a Fake Cursor Approach

Contact Info

Product

Resources

About