Attacks on Graphical Password: A Study on Defense Mechanisms and Limitations

Author(s):  
Indrani Roy ◽  
Ajmerry Hossain ◽  
SARKER TANVEER AHMED RUMEE

User authentication is mostly reliant on password-based verification. Users generally use text-based passwords, which are user-friendly but often predictable and vulnerable to some common attacks. To overcome these shortcomings, graphical authentication methods have emerged. Here, users choose a sequence of images as passwords. Though such methods help users to better remember their passwords, they too suffer from attacks seen in the case of textual passwords. This paper presents a comprehensive summary of the vulnerabilities of state-of-the-art graphical password schemes against the following well-known attacks: dictionary, guessing, brute force, shoulder surfing, spyware, and social engineering. We believe the findings of this study can help researchers design more secure graphical password schemes, making them more usable and a realistic replacement for text-based passwords.

2019 ◽  
Vol 20 (1) ◽  
pp. 101-112 ◽  
Author(s):  
Pankhuri . ◽  
Akash Sinha ◽  
Gulshan Shrivastava ◽  
Prabhat Kumar

User authentication is an indispensable part of a secure system. The traditional authentication methods have been proved to be vulnerable to different types of security attacks. Artificial intelligence is being applied to crack textual passwords and even CAPTCHAs are being dismantled within a few attempts. The use of graphical passwords as an alternative to textual passwords for user authentication can be an efficient strategy. However, they have been proved to be susceptible to shoulder-surfing-like attacks. Advanced authentication systems such as biometrics are secure but require additional infrastructure for efficient implementation. This paper proposes a novel pattern-based multi-factor authentication scheme that uses a combination of text and images for identifying the legitimate users. The proposed system has been mathematically analyzed and has been found to provide a much larger password space as compared to simple text-based passwords. This renders the proposed system secure against brute force and other dictionary-based attacks. Moreover, the use of text along with the images also mitigates the risk of shoulder surfing.


Author(s):  
Jasmin P. Bhootwala ◽  
Dr Subhash G. Desai

Security is important nowadays. Users of primary preference to security. The authentication process provides security to the user. Authentication is the process of identifying a person's identity or confirming the identity of a person. There are various authentication methods, but the most commonly used method is the textual password. A combination of alphabet and number creates a secure password. But some drawbacks i.e. it easily guess by also called attacker. If it is made complex then it is hard to memorize. Also various attacks brute force attack, dictionary attack, social engineering attack, eavesdropping, etc. of textual password graphical password system introduced. The graphical system is easy to memorize but it undergoes shoulder surfing attack, which is a big problem. Any entity or person can observe the user's password directly or by using any device. So as an alternative, graphical passwords are introduced to resist the shoulder surfing attack. The above mentioned attacks the new scheme highlights cued click point (CCP), using graphical password as input and grid lines for image point verification. This paper surveys shoulder surfing attacks in the graphical password approach.


2013 ◽  
Vol 284-287 ◽  
pp. 3497-3501 ◽  
Author(s):  
Si Wan Kim ◽  
Hyun Yi Yi ◽  
Gun Il Ma ◽  
Jeong Hyun Yi

User authentication techniques such as the setting of passwords are gradually gaining importance as a means of managing important information stored in smartphones. Existing text-based password authentication schemes have the advantages of being quick and easy to use. However, they are problematic in that passwords are easily exposed to shoulder-surfing attacks. In addition, a graphical password authentication scheme has the limitation of being difficult to apply to mobile device environments, in which a lot of information must be remembered and small-sized screens are provided. Therefore, in this paper, we propose a new hybrid password authentication scheme using a pocket billiard and a virtual joystick, which is secure against shoulder-surfing, brute force attack, and smudge attack and has excellent usability.


2017 ◽  
Vol 7 (1.1) ◽  
pp. 234
Author(s):  
D. Sri Ram Varma ◽  
K. Meghana ◽  
V. Sai Deepak ◽  
R. Murugan

Many authentication schemes are known to us but none of them are completely secure. The textual password is the most common technique used by the majority of people in the industry. But textual passwords are vulnerable to dictionary attacks, keyloggers, and brute-force attacks; even guessing may work out sometimes. Alternative authentication schemes have been proposed to overcome this problem; some of them are biometric authentication, retina-based authentication, graphical password schemes, etc. Authentication schemes such as biometric and retina scans are too costly, so they are not always preferred. Not every graphical authentication is secure and efficient. In this paper, an authentication scheme with a combination of text and colour is proposed. This allows the user to log in to the framework a little more securely.


Nowadays in information security, user authentication is a very important task. In most computers, user authentication depends on an alphanumeric username and password, that is, a text-based password. But this is not highly secure because hackers can easily break the password. Brute force attacks, dictionary attacks, guessing attacks, etc. are some possible attacks on the password. If the user chooses a difficult password to protect the system from attackers, it is very much harder for the user to remember such a difficult password. So, to resolve this problem, a new technique called graphical password authentication was introduced. This paper presents a detailed survey of user authentication techniques using a graphical password. It contains basically two types of approaches. They are recognition-based and recall-based approaches. This survey discusses the different techniques of graphical password authentication and their advantages and limitations. The survey provides a roadmap for the development of new graphical authentication schemes.


2018 ◽  
Vol 7 (4.10) ◽  
pp. 470
Author(s):  
P. L.P.Ramyasri ◽  
D. Malathi ◽  
J. D. Dorathi Jayaseeli ◽  
K. Senthilkumar

The text-based password has been the most common practice from ancient days till present. Text-based passwords are also known for various threats, and they are prone to attacks like guessing attacks, dictionary attacks, social engineering attacks, brute force attacks, etc. The next immediate concept following the text-based password is the graphical password scheme, to improve password security and usability. In present days graphical passwords are being implemented more commonly. This approach is different from the traditional alphanumeric one as it deals with images. In this paper a survey study is done to analyse various techniques used for authentication and also some of the methods for graphical authentication techniques like Pass Matrix, Cued Clicked points (CPP), CAPTCHA, Image distortion with text association, Doodle scheme, Standard recognition-based scheme, and Stegno pin authentication method. Based on the existing methods, future research can be done in order to improve security for graphical authentication.


10.28945/2221 ◽  
2015 ◽  
Author(s):  
Boniface Kayode Alese ◽  
Adewumi Adewale Omojowo ◽  
Tosin Akinwale Adesuyi ◽  
Aderonke Favour-Bethy Thompson ◽  
Sunday Olumide Adewale ◽  
...  

Security is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset, such as a person, community, nation, or organization. Thus, the determination of a user being allowed access to a resource(s) is done cautiously. The alphanumeric password has been used for authentication; however, it is inherently limited. The graphical password is a possible alternative. Consequently, this paper designs a new graphical password technique based on images, rather than alphanumeric strings. Although the graphical password technique is more secure than the textual password, it is also vulnerable to attacks. The most common problem therefore with the graphical password is the shoulder surfing problem, also called “PEEPING ATTACK”. In this paper, we proposed a user authentication technique called “FAKEPOINTER”, a user authentication technique that conceals users’ authentication secret regardless of a shoulder surfer's success by video camera(s). In the software designed, a graphical password fake indicator (pointer) is incorporated to enhance users’ login (password) against attack. The system is designed to run on the Windows platform with .Net support, with Microsoft Structured Query Language Server as the back end and C# as the front end. The system performs better when compared to the existing system.

