
Recent developments

This section does an analysis of recent research done in related visual password schemes.

Sangore et al. (2014) created a system that combines alphanumeric, recall (Drawmetric) and recognition (Cognometric) based password schemes. The recall based password scheme involves drawing a secret (signature-like) password in a 4 × 4 grid. The recognition based part of the system involves choosing from three categories of images during the registration session. The three categories of images are ideal persons, car logos and musical instruments. The alphanumeric password is meant to protect the system against shoulder surfing. The user is allowed to use either one of the graphical password systems (Drawmetric or Cognometric) or both. The user uses the mouse for selecting the images in the Cognometric part of the system, which makes it susceptible to shoulder-surfing.

Table 2.2: Summary of authentication methods (table not reproduced)

The system also uses a secret password that is drawn with the mouse, but the drawn lines are not shown on the screen during login. This is presumably intended to enhance security, but it may end up confusing the user of the system and affect usability.

Making the drawn line invisible may make it difficult for the user to know whether or not the correct image is being drawn. There is no provision for restarting the drawing if accidental mouse movements are made. The user has to restart the authentication process if any mistakes are made in the drawing of the secret password. The system also suffers from the usability problem of Drawmetric password schemes, especially with regards to drawn image tolerance level during login.

Srinivasa Ravi Kiran et al. (2013) designed a system that is virtually a graphical method of selecting or entering alphanumeric passwords, using images containing four characters each in a 5 × 5 grid and four selection rules. The user can drag across adjacent grids or blocks, diagonally between non-adjacent blocks, across characters within a block, and across a single character in a block. In all the aforementioned drag methods, called rules by the authors, the blocks or characters touched by the drawn line must contain at least one character from each set of four characters depicted on the symbol of each block. Since the system includes spaces in the four characters depicted in each shape, this gives a password space of 95^N, where N = 3 in their three colour character sets. Although the system may actually be resistant to shoulder surfing attacks, it may be susceptible to intersection attack (identifying a pass-image by looking out for recurring images, since the pass-image is always amongst the displayed images during authentication) if rules three and four are used frequently, and also if the user authenticates successfully with few and short mouse drags. The registration and training phase may appear complicated at first, which may discourage some users. Although a login time of 42 seconds was recorded, the average registration time was not. The system will also suffer from all the problems of recall based authentication systems, along with the ability to share the passwords.

Nicholson et al. (2012) designed a system where a single image is chosen and the image is divided into 16 portions or tiles, with only four tiles being used in any one authentication session of four rounds. A single tile or portion of the image is displayed to the user, along with eight decoy images in each round of authentication in a 3 × 3 on-screen grid. There are four rounds of authentication. This is supposed to aid memorability because of the use of only one image that has to be recognised by the user for the entire authentication process. This system was tested against description and observation attacks.

The system used the earth mover’s distance CBIR measure to arrange the decoy images in order of similarity and to group the tiles into three groups: similar, medium and dissimilar image tiles. The overall success rate for description attack on the system when using similar tiles for decoy images was 78%, while it was 29% for observation attack. The success rate when using medium similar images was 94% and 89% for description and observation attack respectively. Similarly, when using dissimilar images, description attack had a success rate of 97%, while it was 91% for observation attack. This is another study that shows that the more similar the decoy images are for a Passfaces type of visual password scheme, the more protected it is from description attack. However, the vulnerability of this system to both shoulder-surfing and description attacks, amongst others, makes it unusable at this time.

Nair et al. (2013) came up with a Passpoints style graphical password scheme that includes the use of cell phones in a multi-factor authentication system. This may be unacceptable in some use case scenarios due to the additional costs incurred from having to send SMS texts to thousands or possibly hundreds of thousands of users on a regular basis. Also, there is a software tool, called i-rem, that can allow you to authenticate once you know the password to access it. This is because the pass-image with its associated click points is sent to any user that fails authentication.

Therefore, the single point of failure becomes the password to the i-rem software, just like any other alphanumeric based authentication system.

Sarohi & Khan (2013) conceptualised a system that combines images and text in a Passfaces style of visual password scheme. The user uses the mouse to choose four pass-images out of 16 in a 4 × 4 on-screen grid, which gives a password space of 1820. In addition, the user also uses the keyboard to choose an additional image containing his secret number, by typing the row by column positions in a provided text-box. This secret number modulo 25 is used to pick the set of 16 images that will be used for selection of pass-images during registration. Thus this system has an inbuilt mutual or two-way authentication. The server also performs the same calculations as the user’s machine, with a match indicating successful two-way authentication. This system is particularly strong against man-in-the-middle (an attacker successfully gaining control of communication between server and client) and relay attacks. The system however uses the mouse for pass-image selection, and is thus susceptible to shoulder surfing. Since the secret number has to be indicated by the use of the keyboard to identify row and column positions, it is susceptible to both shoulder-surfing and intersection attack if an observer is able to identify the row and column number keys pressed. Also, the system did not directly address the issue of description attack.

Towhidi et al. (2013) developed a Cognometric system that is more secure than Passfaces, called Secure-Passfaces or S-Passfaces for short. This was based on three modifications to Passfaces:

• The method of selecting the password, making it a keyboard-only input.

• Creating four pass-images, out of which two are used for login at any one time i.e. concurrent passwords.

• Allowing users to pick their own pass-images for improved memorability.

The use of four alternate pass-images, out of which only two are used at login at any one time means the system provides six different sets of pass-images for authentication, which makes the system moderately resistant to shoulder surfing and recording attack. In addition, the use of the mouse for selection of pass-images is completely eliminated, making the scheme a keyboard only system.

The user types a randomly generated two-letter text assigned to each image, out of the 18 in the 6 × 3 on-screen grid, in order to indicate his pass-image. The system uses 18 faces and two rounds of authentication, which makes the password space 18^2.
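The following is an added toy model of the S-Passfaces login just described; it is not code from Towhidi et al., and the face pool, decoy selection and verification logic are our own assumptions. It shows why a keyboard-only scheme with per-session two-letter codes resists a simple replay of observed keystrokes, and computes the six possible 2-of-4 login sets and the 18^2 password space.

```python
import itertools
import random
import string

# Constructed parameters following the page: a 6 x 3 grid of 18 faces and two
# login rounds. The face pool below is a constructed placeholder.
GRID_ROWS, GRID_COLS = 6, 3
GRID_SIZE = GRID_ROWS * GRID_COLS                   # 18 faces shown per round
ROUNDS = 2                                          # two rounds of authentication
FACE_POOL = [f"face{i:02d}" for i in range(40)]     # constructed face identifiers
ALL_CODES = ["".join(p) for p in itertools.product(string.ascii_lowercase, repeat=2)]


def make_rng(seed=None):
    """Source of randomness; a seed is only for reproducible demonstrations."""
    return random.Random(seed)


def password_space(grid_size=GRID_SIZE, rounds=ROUNDS):
    """One pass-image out of grid_size per round: grid_size ** rounds (18**2 = 324)."""
    return grid_size ** rounds


def login_sets(pass_images):
    """The 2-of-4 subsets of a user's four pass-images: six possible login sets."""
    return list(itertools.combinations(sorted(pass_images), ROUNDS))


def build_round(pass_image, rng):
    """Lay out one round: 17 decoys plus the pass-image, each under a fresh random
    two-letter code. Returns {code: face}; codes are distinct within a grid."""
    decoys = rng.sample([f for f in FACE_POOL if f != pass_image], GRID_SIZE - 1)
    faces = [pass_image] + decoys
    rng.shuffle(faces)                               # pass-image position varies too
    codes = rng.sample(ALL_CODES, GRID_SIZE)
    return dict(zip(codes, faces))


def code_for(grid, face):
    """What the legitimate user reads off the screen and types for their face."""
    return next(code for code, f in grid.items() if f == face)


def verify(grid, typed_code, pass_image):
    """Server-side check of one round: the typed code must label the pass-image."""
    return grid.get(typed_code) == pass_image


def login_session(pass_images, rng):
    """Full two-round login with a randomly chosen 2-of-4 login set and a user
    who types the correct codes. Returns (chosen_set, typed_codes, success)."""
    chosen = rng.choice(login_sets(pass_images))
    typed_codes, ok = [], True
    for target in chosen:
        grid = build_round(target, rng)
        typed = code_for(grid, target)               # legitimate user's keystrokes
        typed_codes.append(typed)
        ok = ok and verify(grid, typed, target)
    return chosen, typed_codes, ok
```

Because the codes are regenerated for every round, a recorded keystroke sequence identifies only which faces carried those codes in that one session, not the pass-images themselves.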

Towhidi et al. (2013) also conducted security and usability tests on their system while comparing it to the reference Passfaces implementation. The overall conclusion of the study was that their system was slightly less usable because of the additional security measures, but the users were more confident and willing to use the system for their authentication needs because of the added security.

Rasekgala et al. (2014a,b) used shape grammars in the design of their visual password scheme. This is the closest to this study because of the use of grammars, since the authors used shape grammars in the generation of basic shapes under the control of the user. The authors used a draw-a-secret (drawmetric) type of visual password scheme for the registration phase of the system, for which they computed the password space. However, the computed password space is not applicable to the login process, which has a low password space of nine, since the user has to recognize one of nine images on a 3 × 3 on-screen grid, in their variant of the Passfaces style of visual password scheme. Suggestions for improving the password space of this model include:

• Implementing the system as a Drawmetric visual password scheme.

• Increasing the number of rounds. This can be accomplished by:

– Generating variations of the user-drawn images in two more rounds of authentication, and asking the user to choose the grid that most closely matches his drawn image. This is to avoid requiring the user to draw multiple sets of images in the registration phase, so as not to prolong the registration process and affect usability. This will increase the password space to 9^3 for three login rounds.

– Requiring the user to draw multiple sets of images, but reducing the number of images drawn to at most two or three to reduce registration time. The number of sets of images should be at least three and should correspond to the number of login rounds. The password space is equal to N^k, where N is the number of images on the screen and k is the number of rounds.

• Increasing the number of login grids to 16 (4 × 4), and requiring the user to select four grids containing his pass-images out of the available 16 grids of images. This will increase the password space to 1820.

Also, the use of the keyboard for input will further help defeat shoulder surfing.

The use of a few basic shapes may not justify the use of shape grammars, as it might be easier and more compact in terms of memory storage to use a simple vector graphics format instead. It is suggested that slightly more complex shapes, including three dimensional shapes, should be used in order to exploit the power of shape grammars, make the shapes more interesting and allow users who are familiar with the system to create shapes that are difficult to describe and difficult for the shoulder-surfer to memorise.

The images generated have to be similar for cognometric visual password schemes, in order to help defeat shoulder surfing. In the next section, we take a look at computer based notions of similarity.