2-ROUND HYBRID PASSWORD SCHEME

The most common computer authentication method is to use alphanumerical usernames and passwords. This method has been shown to have significant drawbacks. They have problems such as being hard to remember, vulnerable to guessing, phishing, dictionary attack, key-logger, and social engineering. Researchers have come out with an alternate password scheme called graphical password where they tried to improve the security and avoid the weakness of conventional password. Psychological studies say that human can remember pictures better than text. But graphical password scheme also has several drawbacks like shoulder-surfing problem, more storage space required and hard to implement compared to text passwords. In this paper, we have suggested a hybrid authentication system combining graphical and text passwords. User authentication has been verified in two steps to increase the security. We believe that in our system, users will be able to select stronger passwords through better user interface design.

[1]  Angelos Stavrou,et al.  Universal Multi-Factor Authentication Using Graphical Passwords , 2008, 2008 IEEE International Conference on Signal Image Technology and Internet Based Systems.

[2]  J. Kase Graphical Passwords , 2008 .

[3]  Ying Zhu,et al.  Graphical passwords: a survey , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[4]  Shashi Mogalla,et al.  A Well Known Tool Based Graphical Authentication Technique , 2011 .

[5]  Michael K. Reiter,et al.  The Design and Analysis of Graphical Passwords , 1999, USENIX Security Symposium.

[6]  Daphna Weinshall,et al.  Passwords you'll never forget, but can't recall , 2004, CHI EA '04.

[7]  Vibha Sazawal,et al.  Doodling our way to better authentication , 2002, CHI Extended Abstracts.

[8]  Adrian Perrig,et al.  This copyright notice must be included in the reproduced paper. USENIX acknowledges all trademarks herein. Déjà Vu: A User Study Using Images for Authentication , 2000 .

[9]  Eiji Okamoto,et al.  A User Identification System Using Signature Written with Mouse , 1998, ACISP.

[10]  Alain Forget,et al.  Influencing users towards better passwords: persuasive cued click-points , 2008 .

[11]  Nasir D. Memon,et al.  PassPoints: Design and longitudinal evaluation of a graphical password system , 2005, Int. J. Hum. Comput. Stud..

[12]  Dawei Hong,et al.  A Shoulder-Surfing Resistant Graphical Password Scheme - WIW , 2003, Security and Management.

[13]  Alain Forget,et al.  Influencing users towards better passwords: persuasive cued click-points , 2008, BCS HCI.