Shoulder-surfing resistance with eye-gaze entry in cued-recall graphical passwords

2010 ◽  
Author(s):  
Alain Forget ◽  
Sonia Chiasson ◽  
Robert Biddle
Keyword(s):  
Eye Gaze ◽  
Cued Recall ◽  
Graphical Passwords ◽  
Shoulder Surfing

scholarly journals A REVIEW - CAPTCHA AS GRAPHICAL PASSWORDS—A NEW SECURITY PRIMITIVE BASED ON HARD AI PROBLEMS

2016 ◽  
Vol 2 (4) ◽  
Author(s):  
PANKAJ ,
Keyword(s):  
Computer Science ◽  
Graphical Passwords ◽  
Shoulder Surfing ◽  
On Line

Most of the safety primeval square measure supported mathematical issues. This analysis goals to check existing parole and to style a brand new improved graphical parole pattern. Captcha as a graphical parole. during this paper, we tend to discuss a brand new security primeval supported exhausting computer science issues, a innovative of graphical parole systems created on dominant of Captcha technology, what we are saying Captcha as graphical passwords (CaRP). CaRP is each a Captcha and a graphical parole pattern. With the mix of CAPTCHA and graphical parole  addresses a like on-line estimation attacks, relay attacks, combination of with dual-view technology, and shoulder-surfing attacks. If the parole is in search nominative then CaRP parole are often found solely risk by automatic on-line estimation attack.

CogniPGA: Longitudinal Evaluation of Picture Gesture Authentication with Cognition-Based Intervention

i-com ◽  
2019 ◽  
Vol 18 (3) ◽  
pp. 237-257
Author(s):  
Christina Katsini ◽  
Nikolaos Avouris ◽  
Christos Fidas
Keyword(s):  
Cognitive Style ◽  
Cued Recall ◽  
The Other ◽  
Visual Exploration ◽  
Visual Behavior ◽  
Longitudinal Evaluation ◽  
Cognitive Characteristics ◽  
Graphical Passwords ◽  
Authentication Schemes ◽  
Password Strength

AbstractThere is evidence that the visual behavior of users when creating graphical passwords affects the password strength. Adopting a cognitive style perspective in the interpretation of the results of recent studies revealed that users, depending on their cognitive style, follow different visual exploration paths when creating graphical passwords which affected the password strength. To take advantage of the inherent abilities of people, we proposed CogniPGA, a cued-recall graphical authentication scheme where a cognition-based intervention using gaze data is applied. This paper presents the longitudinal evaluation of the proposed scheme in terms of security, memorability, and usability from a cognitive style perspective. Results strengthen the assumptions that understanding and using the inherent cognitive characteristics of users could enable the design of user-first authentication schemes, where no compromises need to be made on security for benefiting usability or the other way around.

scholarly journals A shoulder surfing resistance using graphical authentication system

2018 ◽  
Vol 7 (1.7) ◽  
pp. 169
Author(s):  
Rupavathy N ◽  
Carmel Mary Belinda M. J ◽  
Nivedhitha G
Keyword(s):  
Mobile Apps ◽  
Security And Privacy ◽  
Experimental Result ◽  
Internet Applications ◽  
Multiple Camera ◽  
Graphical Passwords ◽  
Weakest Link ◽  
Shoulder Surfing ◽  
Authentication System ◽  
Vertical Bars

Authentication supported passwords is employed mostly in applications for laptop security and privacy. However, human actions like selecting unhealthy passwords and inputting passwords in an insecure approach are considered “the weakest link” within the authentication chain. Instead of impulsive alphanumerical strings, users tend to decide on passwords either short or purposeful for simple learning. With internet applications and mobile apps piling up, individuals will access these applications any time and any place with  numerous devices. This evolution brings nice convenience however additionally will increase the chance of exposing passwords to shoulder surfing attacks. Attackers will observe directly or use external recording devices to gather users’ credentials. To overcome this drawback, we tend to plan a unique authentication system Pass Matrix, supported graphical passwords to resist shoulder surfing attacks. With a one-time valid login indicator and circulatory horizontal and vertical bars covering the  complete scope of pass-images, Pass Matrix offers no hint for attackers to work out or slim down the password even they conduct multiple camera-based attacks. We tend to additionally enforce a Pass Matrix image on android and applied real user experiments to judge   its memorability and usefulness. From the experimental result, the proposed system achieves higher resistance shoulder surfing attacks whereas maintaining usability.

scholarly journals A Fractal-Based Authentication Technique Using Sierpinski Triangles in Smart Devices

Sensors ◽  
2019 ◽  
Vol 19 (3) ◽  
pp. 678 ◽  
Author(s):  
Adnan Ali ◽  
Hamaad Rafique ◽  
Talha Arshad ◽  
Mohammed A. Alqarni ◽  
Sajjad Hussain Chauhdary ◽  
...  
Keyword(s):  
Smart Devices ◽  
Brute Force ◽  
Potential Threat ◽  
Graphical Passwords ◽  
Sierpinski Triangle ◽  
Authentication Mechanism ◽  
Shoulder Surfing ◽  
Physical Resources ◽  
Common Technique ◽  
Authentication Technique

The prevalence of smart devices in our day-to-day activities increases the potential threat to our secret information. To counter these threats like unauthorized access and misuse of phones, only authorized users should be able to access the device. Authentication mechanism provide a secure way to safeguard the physical resources as well the information that is processed. Text-based passwords are the most common technique used for the authentication of devices, however, they are vulnerable to a certain type of attacks such as brute force, smudge and shoulder surfing attacks. Graphical Passwords (GPs) were introduced as an alternative for the conventional text-based authentication to overcome the potential threats. GPs use pictures and have been implemented in smart devices and workstations. Psychological studies reveal that humans can recognize images much easier and quicker than numeric and alphanumeric passwords, which become the basis for creating GPs. In this paper a novel Fractal-Based Authentication Technique (FBAT) has been proposed by implementing a Sierpinski triangle. In the FBAT scheme, the probability of password guessing is low making system resilient against abovementioned threats. Increasing fractal level makes the system stronger and provides security against attacks like shoulder surfing.

scholarly journals Polynomial-Based Google Map Graphical Password System against Shoulder-Surfing Attacks in Cloud Environment

Complexity ◽  
2019 ◽  
Vol 2019 ◽  
pp. 1-8 ◽  
Author(s):  
Zhili Zhou ◽  
Ching-Nung Yang ◽  
Yimin Yang ◽  
Xingming Sun
Keyword(s):  
Human Brain ◽  
Identity Authentication ◽  
Long Term Memory ◽  
Cloud Environment ◽  
Term Memory ◽  
Specific Location ◽  
Graphical Password ◽  
Graphical Passwords ◽  
Shoulder Surfing

Text password systems are commonly used for identity authentication to access different kinds of data resources or services in cloud environment. However, in the text password systems, the main issue is that it is very hard for users to remember long random alphanumeric strings due to the long-term memory limitation of the human brain. To address this issue, graphical passwords are accordingly proposed based on the fact that humans have better memory for images than alphanumeric strings. Recently, a Google map graphical password (GMGP) system is proposed, in which a specific location of Google Map is preset as a password for authentication. Unfortunately, the use of graphical passwords increases the risk of exposing passwords under shoulder-surfing attacks. A snooper can easily look over someone’s shoulder to get the information of a location on map than a text password from a distance, and thus the shoulder-surfing attacks are more serious for graphical passwords than for text passwords. To overcome this issue, we design a polynomial-based Google map graphical password (P-GMGP) system. The proposed P-GMGP system can not only resist the shoulder-surfing attacks effectively, but also need much fewer challenge-response rounds than the GMGP system for authentication. Moreover, the P-GMGP system is extended to allow a user to be authenticated in cloud environment effectively and efficiently.

scholarly journals A study on usability and security features of the Android pattern lock screen

2016 ◽  
Vol 24 (1) ◽  
pp. 53-72 ◽  
Author(s):  
Panagiotis Andriotis ◽  
George Oikonomou ◽  
Alexios Mylonas ◽  
Theo Tryfonas
Keyword(s):  
Mobile Device ◽  
User Authentication ◽  
Hard Copy ◽  
Security Assessment ◽  
Android Application ◽  
Content Type ◽  
Graphical Passwords ◽  
Shoulder Surfing ◽  
Survey Results ◽  
Future Work

Purpose – The Android pattern lock screen (or graphical password) is a popular user authentication method that relies on the advantages provided by the visual representation of a password, which enhance its memorability. Graphical passwords are vulnerable to attacks (e.g. shoulder surfing); thus, the need for more complex passwords becomes apparent. This paper aims to focus on the features that constitute a usable and secure pattern and investigate the existence of heuristic and physical rules that possibly dictate the formation of a pattern. Design/methodology/approach – The authors conducted a survey to study the users’ understanding of the security and usability of the pattern lock screen. The authors developed an Android application that collects graphical passwords, by simulating user authentication in a mobile device. This avoids any potential bias that is introduced when the survey participants are not interacting with a mobile device while forming graphical passwords (e.g. in Web or hard-copy surveys). Findings – The findings verify and enrich previous knowledge for graphical passwords, namely, that users mostly prefer usability than security. Using the survey results, the authors demonstrate how biased input impairs security by shrinking the available password space. Research limitations/implications – The sample’s demographics may affect our findings. Therefore, future work can focus on the replication of our work in a sample with different demographics. Originality/value – The authors define metrics that measure the usability of a pattern (handedness, directionality and symmetry) and investigate their impact to its formation. The authors propose a security assessment scheme using features in a pattern (e.g. the existence of knight moves or overlapping nodes) to evaluate its security strengths.

Sign in / Sign up

Export Citation Format

Share Document