A Study of Implementation of Image Based Authentication System

The paper aims on the study of a system for user authentication based on the use of images as passwords. The proposed method is thought to solve the traditional problems related to the authentication process in the Internet environment by exploiting the human brain's remarkable ability in image recognition. Authentication plays a very important role in protecting resources against unauthorized use. Many authentication processes exist from simple password based authentication system to costly biometric authentication systems. So when increasing security is an issue text based passwords are not enough to tackle such problems. The need for something more secure along with being user friendly is required. The image password demonstrates to be more secure than the common alphanumeric password and at the same time more easy-to-use. In this paper, we conduct a comprehensive survey of the existing graphical password techniques and comparing both alphanumeric and graphical passwords. We classify these techniques into two categories: recognition-based and recall-based approaches. We discuss the strengths and limitations of each method and point out the future research directions in this area. We also try to answer two important questions: "Are graphical passwords as secure as text-based passwords?"; "What are the major design and implementation issues for graphical passwords?"This survey will be useful for information security researchers and practitioners who are interested in finding an alternative to text-based authentication methods.

[1]  Andrew S. Patrick,et al.  HCI and security systems , 2003, CHI Extended Abstracts.

[2]  Adrian Perrig,et al.  This copyright notice must be included in the reproduced paper. USENIX acknowledges all trademarks herein. Déjà Vu: A User Study Using Images for Authentication , 2000 .

[3]  Sharath Pankanti,et al.  BIOMETRIC IDENTIFICATION , 2000 .

[4]  Patrick Olivier,et al.  Securing passfaces for description , 2008, SOUPS '08.

[5]  Michael K. Reiter,et al.  The Design and Analysis of Graphical Passwords , 1999, USENIX Security Symposium.

[6]  W. Jansen,et al.  Authenticating Mobile Device UsersThrough Image Selection , 2004 .

[7]  Daphna Weinshall,et al.  Passwords you'll never forget, but can't recall , 2004, CHI EA '04.

[8]  Vibha Sazawal,et al.  Doodling our way to better authentication , 2002, CHI Extended Abstracts.

[9]  Julie Thorpe,et al.  Towards secure design choices for implementing graphical passwords , 2004, 20th Annual Computer Security Applications Conference.

[10]  Eiji Okamoto,et al.  A User Identification System Using Signature Written with Mouse , 1998, ACISP.

[11]  Richard P. Ayers,et al.  Picture Password: A Visual Login Technique for Mobile Devices , 2003 .

[12]  Julie Thorpe,et al.  Graphical Dictionaries and the Memorable Space of Graphical Passwords , 2004, USENIX Security Symposium.

[13]  Wayne Jansen,et al.  Authenticating Mobile Device Users Through Image Selection | NIST , 2004 .

[14]  Hideki Koike,et al.  Awase-E: Image-Based Authentication for Mobile Phones Using User's Favorite Images , 2003, Mobile HCI.

[15]  Antonella De Angeli,et al.  VIP: a visual approach to user authentication , 2002, AVI '02.