Attacks on Graphical Password: A Study on Defense Mechanisms and Limitations

User authentication is mostly reliant on password-based based verification. Users generally used text-based passwords, which are user-friendly but often predictable and vulnerable to some common attacks. To overcome these shortcomings, graphical authentication methods have emerged. Here, users choose a sequence of images as passwords. Though such methods help users to better remember their passwords, they too suffer from attacks seen in the case of textual passwords. This paper presents a comprehensive summary of the vulnerabilities state of the art graphical password schemes against the following well-known attacks - Dictionary, Guessing, Brute force, Shoulder surfing, Spyware, and Social engineering. We believe the findings of this study can help researchers design more secure graphical password schemes making them more usable and a realistic replacement for text-based passwords.

Engineering Graphical Captcha and AES Crypto Hash Functions for Secure Online Authentication

Password alone is currently not trusted for user online authentication and security as threats from hackers continue to grow, requiring highly efficient defense safeguard protection against unauthorized users. Therefore, CAPTCHA techniques came into the picture as an automated assistance to distinguish between humans and robots. The CAPTCHA has several applications in the online security domain requiring to be merged with encrypted hash function benefitting from the facility of the graphical password schemes. This paper proposes engineering an authentication technique using graphical CAPTCHA with an AES encrypted hash password to maintain applicable security accessing systems. We propose three layered security system that joins highly efficient security mechanisms to avoid users’ stress of entering password many times or different other hectic routines in order to save account accessing.

Web Application Authentication Using Visual Cryptography and Cued Clicked Point Recall-based Graphical Password

Alphanumerical usernames and passwords are the most used computer authentication technique. This approach has been found to have a number of disadvantages. Users, for example, frequently choose passwords that are simple to guess. On the other side, if a password is difficult to guess, it is also difficult to remember. Graphical passwords have been proposed in the literature as a potential alternative to alphanumerical passwords, based on the fact that people remember pictures better than text. Existing graphical passwords, on the other hand, are vulnerable to a shoulder surfing assault. To address this shoulder surfing vulnerability, this study proposes an authentication system for web-applications based on visual cryptography and cued click point recall-based graphical password. The efficiency of the proposed system was validated using unit, system and usability testing measures. The results of the system and unit testing showed that the proposed system accomplished its objectives and requirements. The results of the usability test showed that the proposed system is easy to use, friendly and highly secured.

An Analytical Study of Graphical Password Authentication System

Normally for human psyche it is difficult to recollect text based secret phrase. Text based passwords are not difficult to figure on the grounds that the utilization of general arrangement of numbers, character and unique image, for that reason we carried out the Graphical Password Authentication System. In that we had utilized Image based and Pair based confirmation framework. First and foremost in Imaged based secret key client can pick pixels on that picture as secret key. For each picture just a single pixel is chosen. After choice one pixel change the picture select second pixel from second picture correspondingly clients select three pixels. In pair based secret key, client picks characters from sections and columns all the while from the matrix then, at that point getting that convergence point as a secret key. We have given rearranging choice to exchanging character arrangement it assists with forestalling the shoulder enduring assault, so we have improved security by utilizing PCCP and Imaged based secret key framework which having capacity of shield from the assailant, wafers and so.