CybIQ: Secure Authentication Method

With increased vulnerabilities and vast technology landscapes, it is extremely critical to build systems which are highly resistant to cyber-attacks, to break into systems to exploit. It is almost impossible to build 100% secure authentication & authorization mechanisms merely through standard password / PIN (With all combinations of special characters, numbers & upper/lower case alphabets and by using any of the Graphical password mechanisms). The immense computing capacity and several hacking methods used, make almost every authentication method susceptible to cyber-attacks in one or the other way. Only proven / known system which is not vulnerable in spite of highly sophisticated computing power is, human brain. In this paper, we present a new method of authentication using a combination of computer’s computing ability in combination with human intelligence. In fact this human intelligence is personalized making the overall security method more secure. Text based passwords are easy to be cracked [6]. There is an increased need for an alternate and more complex authentication and authorization methods. Some of the Methods [7] [8] in the category of Graphical passwords could be susceptible, when Shoulder surfing/cameras/spy devices are used.

Web Application Authentication Using Visual Cryptography and Cued Clicked Point Recall-based Graphical Password

Alphanumerical usernames and passwords are the most used computer authentication technique. This approach has been found to have a number of disadvantages. Users, for example, frequently choose passwords that are simple to guess. On the other side, if a password is difficult to guess, it is also difficult to remember. Graphical passwords have been proposed in the literature as a potential alternative to alphanumerical passwords, based on the fact that people remember pictures better than text. Existing graphical passwords, on the other hand, are vulnerable to a shoulder surfing assault. To address this shoulder surfing vulnerability, this study proposes an authentication system for web-applications based on visual cryptography and cued click point recall-based graphical password. The efficiency of the proposed system was validated using unit, system and usability testing measures. The results of the system and unit testing showed that the proposed system accomplished its objectives and requirements. The results of the usability test showed that the proposed system is easy to use, friendly and highly secured.

Secured Application Environment using Enhanced Graphical Passwords

Today computer and mobile based applications has become an integral part of our life. Thus, there arises a need of a reliable security while using these applications using authentication techniques that are most secured and hard to crack. Today many authentication techniques are introduced for better security and replace textual authentication technique. But these techniques are proving insufficient, so new ways should be studied and introduced for better security. So, we are concentrating on two such techniques, first we studied graphical authentication systems using images. The one such technique called gRat which uses set of images for authentication was found to be useful. The second for searching a different authentication technique we came across ENP which explains how to provide security using to an application by using hashing, ascii, negation and cryptography together for a secured application. So, we find out that one technique is insufficient and more than two techniques should be combined together. So, in this paper we are recommending a dual authentication technique. First technique will be used for login id and other will be used for login password. The first technique uses a set of images with specific border colors for authentication and is called Graphical random authentication technique (gRat). In this technique a set of images with different boundary colors are displayed for the user which are shown randomly each time a user attempts a login ID. The user has to select the same set of images with same boundary color in same format for login ID verification than only second technique for login password will be shown. The second technique uses encryption and negative password together called as Encrypted negative password (ENP). In this technique while deciding a password a plain textual password is accepted from the user and then it is converted to hash code using hashing algorithm. Then the hash code is converted to an ascii code od 0’s and 1’s. Then negation is applied to the ascii where we get a negative text. The negative text is then encrypted. This process is followed in reverse while authentication. After second correct verification main application will be started. Both authentication data will be secured by Advanced encryption standard (AES) algorithm and saved on cloud. We are using public cloud Google drive as our cloud as it is free and more secured. Thus, while testing the application for authentication using both techniques together our system becomes very secured and almost unbreakable.

Test for Detection of Weak Graphic Passwords in Passpoint Based on the Mean Distance between Points

This work demonstrates the ineffectiveness of the Ripley’s K function tests, the distance to the nearest neighbor, and the empty space function in the Graphical Authentication scenario with Passpoint for the detection of non-random graphical passwords. The results obtained show that none of these tests effectively detect non-random graphical passwords; the reason for their failure is attributed to the small sample of the spatial pattern in question, where only the five points of the graphical password are analyzed. Consequently, a test based on mean distances is proposed, whose experiments show that it detects with good efficiency non-random graphical passwords in Passpoint. The test was designed to be included in the Graphical Authentication systems with Passpoint to warn the user about a possibly weak password during the registration phase, and in this way, the security of the system is increased.

A Review on Shoulder Surfing Attack in Authentication Technique using Cued Click Point (CCP)

Security important now a days. Users of primary preference to security. Authentication process provide security to the user. Authentication process of identifying the person’s identity or conforming the identity of person. There are various authentication method, but most commonly used method is textual password. Combination of alphabet and number create a secure password. But some drawbacks i.e. it easily guess by also called attacker. If it make complex then it hard to memorize. Also various attacks brute force attack, dictionary attack, social engineering attack, evesdropping, etc. of textual password graphical password system introduced. Graphical system is easy to memorize but it undergo shoulder surfing attack which big problem. any entity or person can observe users password directly or by using any device. So as an alternative Graphical Passwords are introduced to resist the Shoulder surfing attack. the above mentioned attacks the new scheme highlights cued click point (CCP), Using graphical password as input and grid lines for image point verification. This paper survey shoulder surfing attacks in graphical password approach.