scholarly journals Multi-level Scalable Textual-Graphical Password Authentication Scheme for Web based Applications

2014 ◽  
Vol 3 (3-4) ◽  
Author(s):  
Umedha Behl ◽  
Divya Bhat ◽  
Neha Ubhaykar ◽  
Vaibhav Godbole ◽  
Saurabh Kulkarni
Keyword(s):  
Level Scheme ◽  
User Authentication ◽  
Authentication Scheme ◽  
Password Authentication ◽  
Web Based ◽  
Graphical Password ◽  
Security Authentication ◽  
Shoulder Surfing ◽  
Multi Level ◽  
Better Than

Nowadays, user authentication is one of the important topics in information security. Authentication is necessary in multi-user systems. User name and password are used to authenticate a user. Text-based strong password scheme can provide security to a certain degree. Users tend to pick short passwords or passwords that are easy to remember, which makes the passwords vulnerable for attackers to break. Furthermore, textual password is vulnerable to shoulder-surfing, hidden camera and spy-ware attacks. Graphical authentication has been proposed as a possible alternative solution to text-based authentication, motivated particularly by the fact that humans can remember images better than text. However, they are mostly vulnerable to shoulder surfing. In this paper, we propose a Multi-level Scalable Textual-Graphical Password Authentication Scheme for web based applications. This scheme integrates both graphical and textual password schemes, and provides multi-level authentication scheme as compared to previously proposed single level scheme. In this scheme multi-level authentication is obtained by making use of SMS service, hence provides more secure service. This scheme shows significant potential bridging the gap between conventional textual password and graphical password. Further enhancements of this scheme are proposed and briefly discussed.

Shoulder-Surfing Resistant Smartphone Authentication Scheme Using Virtual Joystick

2013 ◽  
Vol 284-287 ◽  
pp. 3497-3501 ◽  
Author(s):  
Si Wan Kim ◽  
Hyun Yi Yi ◽  
Gun Il Ma ◽  
Jeong Hyun Yi
Keyword(s):  
Mobile Device ◽  
User Authentication ◽  
Authentication Scheme ◽  
Brute Force ◽  
Password Authentication ◽  
Graphical Password ◽  
Shoulder Surfing ◽  
Authentication Schemes ◽  
Brute Force Attack

User authentication techniques such as the setting of passwords are gradually gaining importance as a means of managing important information stored in smartphones. Existing text–based password authentication schemes have the advantages of being quick and easy to use. However, they are problematic in that passwords are easily exposed to shoulder-surfing attack. In addition, a graphical password authentication scheme has the limitation of being difficult to apply to mobile device environments, in which a lot of information must be remembered and small-sized screens are provided. Therefore, in this paper, we propose a new hybrid password authentication scheme using a pocket billiard and a virtual joystick, which is secure against shoulder-surfing, brute force attack, and smudge attack and has excellent usability.

scholarly journals A Pattern-Based Multi-Factor Authentication System

2019 ◽  
Vol 20 (1) ◽  
pp. 101-112 ◽  
Author(s):  
Pankhuri . ◽  
Akash Sinha ◽  
Gulshan Shrivastava ◽  
Prabhat Kumar
Keyword(s):  
Artificial Intelligence ◽  
User Authentication ◽  
Authentication Scheme ◽  
Brute Force ◽  
Security Attacks ◽  
Graphical Password ◽  
Efficient Strategy ◽  
Shoulder Surfing ◽  
Different Types ◽  
Authentication System

User authentication is an indispensable part of a secure system. The traditional authentication methods have been proved to be vulnerable to different types of security attacks. Artificial intelligence is being applied to crack textual passwords and even CAPTCHAs are being dismantled within few attempts. The use of graphical password as an alternate to the textual passwords for user authentication can be an efficient strategy. However, they have been proved to be susceptible to shoulder surfing like attacks. Advanced authentication systems such as biometrics are secure but require additional infrastructure for efficient implementation. This paper proposes a novel pattern-based multi-factor authentication scheme that uses a combination of text and images resulting for identifying the legitimate users. The proposed system has been mathematically analyzed and has been found to provide much larger password space as compared to simple text based passwords. This renders the proposed system secure against brute force and other dictionary based attacks. Moreover, the use of text along with the images also mitigates the risk of shoulder surfing.

scholarly journals A Review on Shoulder Surfing Attack in Authentication Technique using Cued Click Point (CCP)

2021 ◽  
pp. 141-144
Author(s):  
Jasmin P. Bhootwala ◽  
Dr Subhash G. Desai
Keyword(s):  
User Authentication ◽  
Social Engineering ◽  
Image Point ◽  
Dictionary Attack ◽  
Graphical Password ◽  
Graphical Passwords ◽  
Security Authentication ◽  
Shoulder Surfing ◽  
Brute Force Attack ◽  
Graphical System

Security important now a days. Users of primary preference to security. Authentication process provide security to the user. Authentication process of identifying the person’s identity or conforming the identity of person. There are various authentication method, but most commonly used method is textual password. Combination of alphabet and number create a secure password. But some drawbacks i.e. it easily guess by also called attacker. If it make complex then it hard to memorize. Also various attacks brute force attack, dictionary attack, social engineering attack, evesdropping, etc. of textual password graphical password system introduced. Graphical system is easy to memorize but it undergo shoulder surfing attack which big problem. any entity or person can observe users password directly or by using any device. So as an alternative Graphical Passwords are introduced to resist the Shoulder surfing attack. the above mentioned attacks the new scheme highlights cued click point (CCP), Using graphical password as input and grid lines for image point verification. This paper survey shoulder surfing attacks in graphical password approach.

scholarly journals Multi-level Graphical Password Authentication Scheme for Cloud (MGPASC)

2019 ◽  
Vol 8 (3) ◽  
pp. 278-283
Keyword(s):  
Information Technology ◽  
Cloud Computing ◽  
Computational Cost ◽  
Password Authentication ◽  
Graphical Password ◽  
Authentication Mechanism ◽  
Shoulder Surfing ◽  
Authentication System ◽  
Multi Level ◽  
Technology Resources

The usage and management of information technology resources and services are revolutionized with the arrival of Cloud Computing. But, the revolution always comes with problems. Authentication is one such problem. Especially for Graphical Password Authentication System, there is a threat of shoulder surfing attack. This research presents a multi-level graphical password authentication mechanism by extending an existing method. UGPSCCCT (User guided Graphical Password Scheme for Cloud using Caesar Cipher Technique) is the existing method and this method is extended in this paper such that another level of security is added. The user credentials in this method are transmitted to the server in encryption format. A key is generated for every login to encrypt user details. The analysis of the proposed method is done by calculating the computational cost and communication cost of the proposed method

Shoulder-surfing-proof graphical password authentication scheme

2013 ◽  
Vol 13 (3) ◽  
pp. 245-254 ◽  
Author(s):  
Tzong-Sun Wu ◽  
Ming-Lun Lee ◽  
Han-Yu Lin ◽  
Chao-Yuan Wang
Keyword(s):  
Authentication Scheme ◽  
Password Authentication ◽  
Graphical Password ◽  
Shoulder Surfing

Cryptanalysis of a Remote User Authentication Scheme

2013 ◽  
Vol 433-435 ◽  
pp. 1699-1701
Author(s):  
Bang Ju Wang ◽  
Huan Guo Zhang
Keyword(s):  
Smart Card ◽  
User Authentication ◽  
Authentication Scheme ◽  
Password Authentication ◽  
Remote User Authentication ◽  
User Authentication Scheme ◽  
Remote User

Among many user authentications over insecure networks, password authentication is simple, convenient and widely adopted one. Chen and Lee proposed a new hash-based password authentication using smart card and claimed that their scheme could resist seven attacks as listed in their paper. However, in this paper, it is pointed out that Chen-Lee’s scheme is vulnerable to off-line password guessing, replay and impersonation attacks when the smart card is lost or stolen.

scholarly journals An Efficient and Robust Remote User Authentication Method

2021 ◽  
Author(s):  
M Khan
Keyword(s):  
User Authentication ◽  
Mutual Authentication ◽  
Authentication Scheme ◽  
Remote Authentication ◽  
Remote User Authentication ◽  
User Authentication Scheme ◽  
Remote System ◽  
User Friendly ◽  
Remote User ◽  
Better Than

<p>Wu-Chieu proposed an enhanced remote user authentication scheme to improve the security of a user-friendly remote user authentication scheme with smart cards. However, we demonstrate that their scheme is vulnerable and susceptible to the attacks and can easily be cryptanalyzed. Their scheme performs only unilateral authentication (only client authentication) and there is no mutual authentication between user and remote system, so their scheme suscepts from the server spoofing attack. Furthermore, their scheme is slower in detecting the wrong input-password, and users cannot change their passwords. This paper proposes an efficient and secure remote authentication scheme to solve the problems found in Wu-Chieu’s scheme. In addition, the computational costs and efficiency of the proposed scheme is better than other related published schemes.</p>

Sign in / Sign up

Export Citation Format

Share Document