A Stroke-Based Textual Password Authentication Scheme

Textual-based password authentication scheme tend to more vulnerable to attacks such as shoulder-surfing and hidden camera. To overcome the vulnerabilities of traditional methods, visual or graphical password schemes have been developed as possible alternative solutions to text-based scheme. Because simply adopting graphical password authentication also has some drawbacks, some hybrid schemes based on graphic and text were developed. In this paper, we proposed a stroke-based textual password authentication scheme. It uses shapes of strokes on the grid as the origin passwords and allows users to login with text passwords via traditional input devices. The method provides strong resistant to hidden-camera and shoulder-surfing. Moreover, the scheme has flexible enhancements to secure the authentication process. The analysis of the security of this approach is also discussed.

[1]  Richard P. Ayers,et al.  Picture Password: A Visual Login Technique for Mobile Devices , 2003 .

[2]  Julie Thorpe,et al.  Analyzing User Choice in Graphical Passwords , 2004 .

[3]  Ying Zhu,et al.  Graphical passwords: a survey , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[4]  Xiaolin Li,et al.  S3PAS: A Scalable Shoulder-Surfing Resistant Textual-Graphical Password Authentication Scheme , 2007, 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW'07).

[5]  Heinrich Hußmann,et al.  PassShape: stroke based shape passwords , 2007, OZCHI '07.

[6]  Dawei Hong,et al.  A Shoulder-Surfing Resistant Graphical Password Scheme - WIW , 2003, Security and Management.

[7]  Julie Thorpe,et al.  Graphical Dictionaries and the Memorable Space of Graphical Passwords , 2004, USENIX Security Symposium.

[8]  Wayne Jansen,et al.  Authenticating Mobile Device Users Through Image Selection | NIST , 2004 .

[9]  Julie Thorpe,et al.  Towards secure design choices for implementing graphical passwords , 2004, 20th Annual Computer Security Applications Conference.

[10]  Michael K. Reiter,et al.  The Design and Analysis of Graphical Passwords , 1999, USENIX Security Symposium.

[11]  Martina Angela Sasse,et al.  Why users compromise computer security mechanisms and how to take remedial measures. , 1999 .

[12]  M. Angela Sasse,et al.  Users are not the enemy , 1999, CACM.

[13]  J. Kase Graphical Passwords , 2008 .

[14]  Wayne A. Jansen,et al.  Authenticating Users on Handheld Devices , 2003 .

[15]  Susan Wiedenbeck,et al.  Authentication Using Graphical Passwords: Basic Results , 2005 .