Novel scheme for securing passwords

The most common method of authentication or protection against intrusion in a computer system is to use alphanumeric usernames and password. Choosing a strong password and protecting the chosen password has always been a popular topic among security researchers. Traditionally strong password schemes could provide with certain degree of security but strong password leads complexity and difficult to memorize and often leads their owner to write them down on paper. As a result, security becomes compromised. Also a good password is one which can be typed quickly, so someone else can't look over your shoulder. In this paper we explore some techniques of protecting the passwords and try to eliminate the shouldering problem. We also try to eliminate the dictionary attacks and brute-force attacks. Later on we tried to evolve a password scheme with some graphic technique which can be used in highly secured applications.

[1]  Delbert Hart Attitudes and practices of students towards password security , 2008 .

[2]  Hyunsoo Yoon,et al.  A User Friendly Internet Identity Management System , 2008, 2008 10th International Conference on Advanced Communication Technology.

[3]  Ying Zhu,et al.  Graphical passwords: a survey , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[4]  Li-Tung Weng,et al.  Graphical Passwords Using Images with Random Tracks of Geometric Shapes , 2008, 2008 Congress on Image and Signal Processing.

[5]  F.N. Sibai,et al.  Secure password detection with artificial neural networks , 2008, 2008 International Conference on Innovations in Information Technology.

[6]  Steven M. Bellovin Security by Checklist , 2008, IEEE Security & Privacy Magazine.

[7]  A.A. Aburas,et al.  Password generator based on mouse clicks signal and screen cursor position , 2008, 2008 International Conference on Computer and Communication Engineering.

[8]  Sarvar Patel,et al.  Number theoretic attacks on secure password schemes , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[9]  Eun-Jun Yoon,et al.  Breaking a Smart Card based Secure Password Authentication Scheme , 2008, 2008 International Conference on Information Security and Assurance (isa 2008).

[10]  K. P. Weiss When a password is not a password (computer resource security) , 1990, IEEE International Carnahan Conference on Security Technology, Crime Countermeasures.

[11]  Simson L. Garfinkel,et al.  Practical UNIX Security , 1991 .

[12]  Edward F. Gehringer Choosing passwords: security and human factors , 2002, IEEE 2002 International Symposium on Technology and Society (ISTAS'02). Social Implications of Information and Communication Technology. Proceedings (Cat. No.02CH37293).

[13]  Aviel D. Rubin White-Hat Security Arsenal: Tackling the Threats , 2001 .

[14]  Kenneth P. Weiss When A Password Is Not A Password , 1990 .

[15]  L. O'Gorman,et al.  Comparing passwords, tokens, and biometrics for user authentication , 2003, Proceedings of the IEEE.