A novel image-based implicit password authentication system (IPAS) for mobile and non-mobile devices

Abstract Authentication is the first line of defense against compromising confidentiality and integrity. Though traditional login/password-based schemes are easy to implement, they have been subjected to several attacks. As an alternative, token and biometric-based authentication systems were introduced. However, they have not improved substantially to justify the investment. Thus, a variation to the login/password scheme, viz. graphical scheme was introduced. But it also suffered due to shoulder-surfing and screen-dump attacks. In this paper, we introduce a framework of our proposed (IPAS) Implicit Password Authentication System, which is immune to the common attacks suffered by other authentication schemes.

[1]  Karen Renaud,et al.  On user involvement in production of images used in visual authentication , 2009, J. Vis. Lang. Comput..

[2]  Nasir D. Memon,et al.  PassPoints: Design and longitudinal evaluation of a graphical password system , 2005, Int. J. Hum. Comput. Stud..

[3]  Nasir D. Memon,et al.  Graphical passwords based on robust discretization , 2006, IEEE Transactions on Information Forensics and Security.

[4]  Nasir D. Memon,et al.  Modeling user choice in the PassPoints graphical password scheme , 2007, SOUPS '07.

[5]  Arash Habibi Lashkari,et al.  A Complete Comparison on Pure and Cued Recall-Based Graphical User Authentication Algorithms , 2009, 2009 Second International Conference on Computer and Electrical Engineering.

[6]  Marilyn Domas White,et al.  A taxonomy of relationships between images and text , 2003, J. Documentation.

[7]  Angelos Stavrou,et al.  Universal Multi-Factor Authentication Using Graphical Passwords , 2008, 2008 IEEE International Conference on Signal Image Technology and Internet Based Systems.

[8]  Nasir D. Memon,et al.  Authentication using graphical passwords: effects of tolerance and image choice , 2005, SOUPS '05.

[9]  P. Cochat,et al.  Et al , 2008, Archives de pediatrie : organe officiel de la Societe francaise de pediatrie.

[10]  Wei-Chi Ku,et al.  A Remote User Authentication Scheme Using Strong Graphical Passwords , 2005, LCN.

[11]  Haichang Gao,et al.  Design and Analysis of a Graphical Password Scheme , 2009, 2009 Fourth International Conference on Innovative Computing, Information and Control (ICICIC).

[12]  Jason Wells,et al.  Enhanced Security for Preventing Man-in-the Middle Attacks in Authentication, Data Entry and Transaction Verification , 2008 .

[13]  Hideki Koike,et al.  Awase-E: Image-Based Authentication for Mobile Phones Using User's Favorite Images , 2003, Mobile HCI.

[14]  Arash Habibi Lashkari,et al.  Pure and cued recall-based graphical user authentication , 2009, 2009 International Conference on Application of Information and Communication Technologies.

[15]  Ying Zhu,et al.  Graphical passwords: a survey , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).