Top PDF S3PAS:A Scalable Shoulder-Surfing Resistant Textual-Graphical Password Authentication Scheme

S3PAS:A Scalable Shoulder-Surfing Resistant Textual-Graphical Password Authentication Scheme

S3PAS:A Scalable Shoulder-Surfing Resistant Textual-Graphical Password Authentication Scheme

In the rule-based scheme, users are able to define their own click-rules when they creating passwords. The primary advantage is that rule-based scheme hides the click-rule. In the basic scheme, the click-rule is open to public, while in rule-based scheme, only the users themselves know their “pass-rules.” As a result, it becomes extremely hard for at-tackers to break user's password using password analysis techniques. Further, the rule-based scheme hides the length |k| of user's password. In the basic S3PAS scheme, if Al-ice's password is |k| in length, she has to click |k| times, which releases her password length to attackers. However, users can protect their password length information well by the rule-based scheme. Another benefit is that it can also avoid the common border problem. In addition, it could be easier for users to remember their own click-rules.
Show more

6 Read more

A Survey On Resisting Shoulder Surfing Attack Using Graphical Password

A Survey On Resisting Shoulder Surfing Attack Using Graphical Password

In order to protect users’ digital property, authentication is required every time they try to access their personal account and data. However, conducting the authentication process in public might result in potential shoulder surfing attacks. Even a more complex password can be cracked easily through shoulder surfing. Using traditional textual passwords or PIN method, users need to type their passwords to validate themselves and thus these passwords can be revealed easily if someone peeks over shoulder or uses video recording devices such as cell phones or google glass. To overcome this problem, we proposed a shoulder surfing resistant authentication system based on graphical passwords, named PassMatrix and PairBased. Using a one-time login indicator per image, users can point out the location of their pass-square without directly clicking or touching it, which is an action vulnerable to shoulder surfing attacks. Because of the design of the horizontal and vertical bars that cover the entire pass image, it offers no clue for attackers to narrow down the password space even if they have more than one login records of that account.
Show more

5 Read more

A Pattern-Based Password Authentication Scheme for Minimizing Shoulder Surfing Attack

A Pattern-Based Password Authentication Scheme for Minimizing Shoulder Surfing Attack

In [25] proposed authentication scheme using text and colors for generating session password. Session password is a password that is used only once at a time. Once the session is terminating, the session password is no longer useful because for every login session; users must enter different passwords. Moreover, according to [2], the use of session password is very suitable for Personal Digital Assistants (PDA) because it is resistant to shoulder surfing attack. Session password is generated using grids and colors serve as an alternative authentication technique to reduce the drawback of textual password authentication. During registration phase, the user needs to submit his chosen password consisting of a minimum length of 8 passwords that is called as secret pass. The secret pass must contain an even number of characters because from this; the session passwords are generated. During the login phase, when the user enters his username, an interface that consists of alphabets and numbers in a grid size 6x6 is displayed. The characters are randomly placed on the grid, and the interface will change every time the user want to log in. Then, the user has to enter the password depend on upon their secret pass, and they must consider his secret pass in term of pairs. The
Show more

7 Read more

A SHOULDER SURFING RESISTANT GRAPHICAL AUTHENTICATION SYSTEM

A SHOULDER SURFING RESISTANT GRAPHICAL AUTHENTICATION SYSTEM

In ancient days, we used a textual password while we are logging into any authentication based website. Textual password consists of upper- and lower-case letters and numbers. It doesn’t provide a secured login into the network. Network affected by the shoulder surfing and the key loggers attack. Using video capturing and camera snapshot the attacker can stole our identity details. Even though we have virtual keyboard, the keys are highlighted while we pressing it. With the help of malicious key logging software, the screenshot recording will be done while keys are highlighted. It is vulnerable to the user as well as network. It will be overcome by shuffling the keys which is present in the keyboard. And we can set a image cell as password by using pass matrix. It will secure our sensitive information like username, password, PIN and personal identity.
Show more

8 Read more

Graphical password schemes design: enhancing memorability features using autobiographical memories

Graphical password schemes design: enhancing memorability features using autobiographical memories

Shoulder- surfing problem is an attack in which the intruder can observe the passwords, PINs or other protected information by observing the owner or victim through his/her shoulder or other spying devices such as binoculars and video camera while the password is being used on the computer or at the terminal for authentication . The main aim of the intruder for this attack is to use the observed credentials for illicit transactions in order to impersonate the real owner (the victim) afterwards. The root cause of this drawback is due the fact that users enter their secrets directly to some poorly designed user interface in a way that is easy for intruder to gain knowledge of the secret via observation. To surmount this problem during authentication, a number of shoulder-surfing resistant techniques were proposed as helpful solutions to protect the user’s secret from being observed for illicit usage. To protect recall-based graphical password systems such Draw-A-Secret and Background Draw-A-Secret DAS from shoulder surfing, three techniques which include decoy Strokes defense, disappearing Strokes, and line Snaking were proposed [10]. These techniques are used during a login procedure as a means of distracting shoulder surfer away from capturing the correct password drawn by the user for security reason. Decoy Strokes defense technique allows user to draw many passwords of which only one is authentic user’s password. In disappearing stroke defense, the user stroke is being removed from the screen after it has been drawn. The idea behind is to make it difficult for attacker to store the image to memory. While line Snaking technique is based on the disappearing stroke solution but was intended to leave the vital
Show more

7 Read more

A Survey on Shoulder Surfing Resistant Graphical Authentication Systems

A Survey on Shoulder Surfing Resistant Graphical Authentication Systems

In this paper, we have studied different methods for graphical password authentication scheme. We proposed a shoulder surfing resistant authentication system basedon graphical passwords, named Pass Matrix. Using a one-time login indicator per image,users can point out the location of their pass-square without directly clicking or touching it, which is an action vulnerable to shoulder surfing attacks. Because of the design of thehorizontal and vertical bars that cover the entire pass-image, it offers no clue for attackersto narrow down the password space even if they have more than one login records ofthat account. Also additional, we proposed a system called Session password,it provides a new password for each session and need not to transfer password form server each time for authentication purpose that’s why Session password scheme provides more security than the other existed systems.
Show more

5 Read more

Password Authentication by graphical And Keylogging-Resistant Visual System

Password Authentication by graphical And Keylogging-Resistant Visual System

With the increasing trend of apps and other web services the user is accessing it from anywhere and anytime with the different devices. In order to secure the devices authentication is always required when the try to access the services. Engaging in authentication in public can lead to different potential attacks as shoulder surfing. Textual passwords can be seen easily as the user has to type the whole password from the keyboard and the current authentication systems are still immature in some aspects.
Show more

6 Read more

A Comprehensive Survey On Graphical Passwords And Shoulder Surfing Resistant Technique Analysis

A Comprehensive Survey On Graphical Passwords And Shoulder Surfing Resistant Technique Analysis

In this paper, we study shoulder surfing defences for recall-based graphical password systems such as Draw-A-Secret (DAS), Background Draw-A-Secret (BDAS) and Pass-Go. DAS is a representative graphical password scheme and worthy of extensive study for the following reasons. First, its theoretical password space can be larger than that of text passwords. Second, unlike many other graphical password systems, DAS can be used for not only user authentication, but also for key generation. Although some research has revealed that the user choices of DAS passwords could render this theoretically sound scheme less secure in practice, it appears that many of the weaknesses could be improved by introducing a background image into the drawing grid, together with other countermeasures.
Show more

7 Read more

Implementation of Passmatrix Based Shoulder Surfing Resistant Graphical Authentication System

Implementation of Passmatrix Based Shoulder Surfing Resistant Graphical Authentication System

Different graphical password authentication plan, were produced to address the issues and shortcomings connected with textual passwords. In light of a few reviews, for example, those in, people have a superior capacity to remember image with long term memory (LTM) than verbal representations. Image based passwords were turned out to be less demanding to recall in a few user considers. Subsequently, users can set up a complex authentication password and are capable for recalling it after quite a while regardless of the possibility that the memory is not actuated occasionally. In any case, the greater part of these image based passwords are powerless against shoulder surfing attacks (SSAs). This kind of attack either utilizes coordinate perception, for example, viewing behind someone or applies video catching procedures to get passwords, PINs, or other delicate individual information. [10]
Show more

8 Read more

Advanced Scalable Shoulder Surfing Resistance Password Authentication Scheme

Advanced Scalable Shoulder Surfing Resistance Password Authentication Scheme

4 Haichang Proposed a new shoulder-surfing resistant scheme where the user is required to draw a curve across their password images orderly rather than clicking on them directly.[7] This graphical scheme combines DAS and Story schemes to provide authenticity to the user

7 Read more

HoneyPass: A Shoulder Surfing Resistant Graphical Authentication System using Honeypot

HoneyPass: A Shoulder Surfing Resistant Graphical Authentication System using Honeypot

Abstract: In today's modern world, securing the organization’s data has become a major concern. To provide security, the most widely recognized authentication methods are credentials, OTP, LTP etc. These methods are more prone to Brute Force Attack, Shoulder Surfing Attack, and Dictionary Attack. Shoulder Surfing Attack (SSA) is a data theft approach used to obtain the personal identification numbers or passwords by looking over the user's shoulder or by external recording devices and video capturing devices. Since SSA occurs in a benevolent way, it goes unnoticed most of the times. It is one of the simple and easy methods for hackers to steal one's sensitive information. The hacker has to simply peek in while the user types in the password without any much effort involved. Therefore, this phenomenon is widely unknown to people all over the world. Textual passwords are a ubiquitous part of digital age. Web applications/mobile applications demand a strong password with at least one capital letter and a special letter. People tend to give easy passwords in order to remember them which can be easily shoulder surfed. To overcome this, graphical password techniques are used to provide a more secure password. In the graphical authentication system, the users click on target images from a challenge set for authentication. Various graphical systems have been proposed over the years which are shown to be more secure when compared to other authentication systems. In this paper, a shoulder surfing resistant graphical authentication system is implemented using honeypot concept.
Show more

11 Read more

DIGITAL LOCK: A HYBRID AUTHENTICAIONMr. Dipak P. Umbarkar1, Prof. Megha singh2

DIGITAL LOCK: A HYBRID AUTHENTICAIONMr. Dipak P. Umbarkar1, Prof. Megha singh2

At present conventional secret word patterns are exposed to dictionary attacks, eves dropping and shoulder surfing, numerous shoulder surfing unaltered graphical password patterns proposed. On the other hand, Textual passwords are the utmost public technique used for authentication. There are several graphical password schemes that are planned in the past years. Most users are used word-based passwords than untainted graphical passwords sentence or word-based or character based graphical password schemes have been proposed. Undesirably, none of existing schemes are create graphical lock to resisting the impersonation. The shoulder surfing resistant and other attacks like eves dropping, dictionary attacks, and social engineering attack on text and character are improved by this paper by using colors. In the expected scheme, the operator can robustly, cleanly and professionally login system and inspect the security and usability of the planned system and show the resistance of the proposed scheme to unintended login.
Show more

7 Read more

A Shoulder Surfing Resistant Graphical Password System             

A Shoulder Surfing Resistant Graphical Password System             

Authentication is the first security mechanism that can be used to prevent unauthorized access to the system. In addition, textual password (text-based password) is the most famous authentication mechanism which has been used for several years. In this authentication method, a user selects a combination of characters as his password, which is required to memorize by him. However, in order to have a secure password, the generated password must follow several requirements such as minimum 8 characters, a combination of capital and small characters, alphanumeric, using special characters, ... etc. Thus, this makes the password to be complex (e.g. "@bu*%183bDIK), which also makes difficulties for a hacker to guess (dictionary attack) or break (brute force attack) it. Similarly, the generated complex password provides this challenge for the users to memorize it for further access. Thus, the users tend to pen down their long and random passwords somewhere or take the easy passwords instead. Graphical password is an alternative authentication password which can solve the problem of remembering the complex passwords in textual password approach. In this case, several images are used to represent a user password, rather than the text. Later on, upon login to the system, a user can select or produce the same graphic image correctly for accessing to the system. Since remembering the image is easier than the text, the selected images as the password is complex as well as easy to remember by the user at the same time. Additionally, the other advantage of graphical password is to prevent stealing the passwords if a keystroke logger such as malicious software (Trojan) is installed by a hacker in order to capture the text-based passwords. In general, there are three graphical password approaches such as recognition-based, pure recall-based and cued recall based. In the recognition- based approach, the user can pick several images such as icons or symbols which he recently selected in user
Show more

5 Read more

DIGITAL PASSWORD SURVEYMr. Dipak P. Umbarkar1, Prof. Megha singh2

DIGITAL PASSWORD SURVEYMr. Dipak P. Umbarkar1, Prof. Megha singh2

As maximum users are aware with conventional text-based and text based password verification methods have no shoulder surfing resistance. In 2007, Zhao et al. [10] proposed a textual-based shoulder surfing resistant graphical password scheme known as S3PAS, in which the user has to determine his textual password and then follow some rule to mix his textual password to hold a session password to login the system. At the same time, the login methods of Zhao et al.’s are complicated and uninteresting. Sreelatha et al. [12], in 2011, also proposed a text-based shoulder surfing resistant graphical password scheme by using colors. Noticeably, as the user has to in addition memorize the order of some colors which make the memory load of the user is too high. In the similar year, Kim et al. [13] proposed a another text based shoulder surfing resistant graphical password scheme, and at the same time employed an analysis method for shoulder surfing resistance and accidental login resistance to analyze the safety measures of their scheme. Fatefully, the resistance of Kim et al.’s scheme to accidental login is not satisfactory. Rao et al. [15], in 2012, suggested a text-based shoulder surfing resistant graphical password scheme i.e. PPC, in which the user has to mix his textual password to produce several pass-pairs, and then follow four predefined rules to get his session password on the login screen. On the other hand, the login procedure of PPC is too boring and hard.
Show more

6 Read more

Secured Hybrid Authentication Schemes using Session Password and Steganography

Secured Hybrid Authentication Schemes using Session Password and Steganography

ABSTRACT: The most common method is textual passwords that were used for authentication. Unfortunately, these passwords can be easily guessed or cracked. The next best techniques are graphical passwords. Since, there are many graphical password schemes that are proposed in the last decade, But most of them suffer from shoulder surfing which is also a big problem. Also, there are few graphical passwords schemes that have been proposed which are resistant to various attacks. In this paper two new authentication schemes are proposed with steganography algorithm for any transaction . Any authentication process gets very secure when two or three techniques used together for a system. For every login process, user input different passwords. We proposed two different shoulder surfing resistance graphical password authentication scheme methods one is AS3PAS and second is hybrid textual scheme using color code also Advanced LSB which removes the drawback of simple LSB that it supports all image format.
Show more

7 Read more

Secure Authentication Using Session Based Password with Virtual Keyboard

Secure Authentication Using Session Based Password with Virtual Keyboard

ABSTRACT: Early people use textual passwords as a security but these passwords get affected to the various attacks like dictionary attack, shoulder surfing, etc. After the period, graphical passwords are coming to the existence but the graphical passwords have some own disadvantages such as they require more time to authenticate. Hence, This paper has taken a review of session password technique in which the password is used only once for each and when session will end the password is not useful. The proposed session password scheme uses Text session password. The session password scheme uses pair-based authentication scheme. Textual passwords generally used for login authentication. Graphical password is introduced exactly opposite technique to textual passwords. As most users are well known about textual passwords than pure graphical passwords. Shoulder-surfing is an attack where an attacker can capture a password by direct show or by listening the authentication session password. Session password can use only once because every time a new password will generate. Session Password supports Pair based scheme which is secure and more efficient. In this paper, it is proposed an improved text-based shoulder surfing resistant scheme by using pair based scheme is used for alphabet, digit , symbols where session password will form at every session or transaction using virtual shuffling keyboard. The user can easily and efficiently login to the system. Proposed system analyzes the security and usability of the proposed scheme, and shows the support of the scheme to shoulder surfing attack.
Show more

5 Read more

REVIEW ON COLOR PASSWORD TO RESIST SHOULDER SURFING ATTACK

REVIEW ON COLOR PASSWORD TO RESIST SHOULDER SURFING ATTACK

In 2002, to reduce the shoulder surfing attack, Sobrado and Birget [3] proposed three shoulder surfing resistant graphical password schemes, the Movable Frame scheme, the Intersection scheme, and the Triangle scheme. But from all this schemes, the Movable Frame scheme and the Intersection scheme fail frequently in the process of Authentication. In the Triangle scheme, the user has to select and memorize several pass icons as his password. To login the system, the user has to correctly pass the predetermined number of challenges and in every challenge, the user has to find three pass-icons from a set of randomly chosen icons displayed on the login screen, and then click inside the invisible triangle created by those three pass- icons.
Show more

7 Read more

A Shoulder Surfing Resistant Image Augmented Multi Password Authentication System with Key Store Time Log in & Coordination Comparison

A Shoulder Surfing Resistant Image Augmented Multi Password Authentication System with Key Store Time Log in & Coordination Comparison

In this work, we have proposed on random image augmented text password authentication system. That is highly resistant to shoulder surfing attacks. As the textual password randomly, this makes shoulder surfing difficult. Also keystroke time logging & comparison, makes attacks such as shoulder surfing, brute force & dictionary attacks highly improbable. Our system combines the best of the two prominent techniques namely text based password(s) & image based password(s), as text password are hard to memorize, & short password are vulnerable to various attack. Also image based passwords are very easy to remember, but are highly susceptible to attack such as shoulder surfing. Here, in this system, we have combined the desirable characteristics of the two schemes such as high memorability of the image related data, & better security of textual password for shoulder surfing attacks, to create a highly resistant authentication system. As image is only used for cueing the user for enter a specific text password & the text password(s) are randomly warranted, out of a pool on N password - image pairs
Show more

5 Read more

Study on the Analysis and Optimization of Brake Disc: A Review

Study on the Analysis and Optimization of Brake Disc: A Review

The aim of this paper is to investigate the reasons behind low commercial acceptance and provide suitable recommendations to overcome them. In the second half of this paper, based on these recommendations, we design a simple graphical password scheme, called SECURE GRAPHICAL PASSWORD AUTHENTICATION is a cued recognition based graphical authentication scheme, which allows users to choose number, text as well as images as passwords without any specific alternations to underlying authentication design and process. It also blends together the strengths of Numbers, Alphabets and Pictures (NAP) to effectively defeat prevalent forms of social hacking. In this paper we describe the complete design of SECURE GRAPHICAL PASSWORD AUTHENTICATION and argue for its potential benefits in terms of security and usability. We then provide results of user study and security analysis.
Show more

5 Read more

Implementing Authentication, Authorization and Access Technique using Session Password with Pair based Scheme

Implementing Authentication, Authorization and Access Technique using Session Password with Pair based Scheme

Once the user has logged-out from that session., the password entered for the earlier time gets lost. Now, when the user is logging-in for the next time he has to make the working as like earilier. But for this time the keyboard generated to entered his password gets shafaled and hence, the combination of word ‘suraj’ is also gets changed. It will provide the security form the dictonary attack, shoulder surfing attack and some possible network attacks also. In this way, we are successfully perform the machanism of AAA – Authentication, Authorication and Access in our implemented software application for online banking where security is the formost requirement.
Show more

5 Read more

Show all 10000 documents...