We propose an intuitive graphical password entry scheme that significantly reduces the ability of an attacker to obtain passwords by observing authorized users’ authentication sessions. The scheme is resistant to dictionary attacks, and is likely to employ stronger and much more memorable passwords than conventional text or graphical schemes. We propose a procedure that makes the scheme resistant to guessing attacks, more resistant than other graphical schemes in the literature. Finally the scheme is designed to minimize the search time the authorized user needs to find the relevant information on a screen with multiple graphical objects. The scheme is currently being implemented and will be tested for usability.
[1]
Michael K. Reiter,et al.
The Design and Analysis of Graphical Passwords
,
1999,
USENIX Security Symposium.
[2]
W. Jansen,et al.
Authenticating Mobile Device UsersThrough Image Selection
,
2004
.
[3]
Manuel Blum,et al.
Secure Human Identification Protocols
,
2001,
ASIACRYPT.
[4]
Ken Thompson,et al.
Password security: a case history
,
1979,
CACM.
[5]
Manuel Blum,et al.
A Secure Human-Computer Authentication Scheme
,
2000
.
[6]
Julie Thorpe,et al.
Graphical Dictionaries and the Memorable Space of Graphical Passwords
,
2004,
USENIX Security Symposium.
[7]
Stewart Tseng,et al.
COMPARISON OF HOLISTIC AND FEATURE BASED APPROACHES TO FACE RECOGNITION
,
2003
.