Applications of graphical password authentication system
Answers
Answered by
1
A Graphical Password Authentication System
Ahmad Almulhem
Computer Engineering Department
King Fahd University of Petroleum and Minerals
Dhahran, Saudi Arabia
[email protected]
Abstract
Graphical passwords provide a promising alternative to
traditional alphanumeric passwords. They are attractive
since people usually remember pictures better than words.
In this extended abstract, we propose a simple graphical
password authentication system. We describe its operation
with some examples, and highlight important aspects of the
system.
1 Introduction
User authentication is a fundamental component in most
computer security contexts. It provides the basis for access
control and user accountability [1]. While there are var-
ious types of user authentication systems, alphanumerical
username/passwords are the most common type of user au-
thentication. They are versatile and easy to implement and
use.
Alphanumerical passwords are required to satisfy two
contradictory requirements. They have to be easily remem-
bered by a user, while they have to be hard to guess by
impostor [2]. Users are known to choose easily guessable
and/or short text passwords, which are an easy target of dic-
tionary and brute-forced attacks [3, 4, 5]. Enforcing a strong
password policy sometimes leads to an opposite effect, as
a user may resort to write his or her difficult-to-remember
passwords on sticky notes exposing them to direct theft.
In the literature, several techniques have been proposed
to reduce the limitations of alphanumerical password. One
proposed solution is to use an easy to remember long
phrases (passphrase) rather than a single word [6]. Another
proposed solution is to use graphical passwords, in which
graphics (images) are used instead of alphanumerical pass-
words [7]. This can be achieved by asking the user to select
regions from an image rather than typing characters as in
alphanumeric password approaches.
In this extended abstract, we propose a graphical pass-
word authentication system. The system combines graph-
ical and text-based passwords trying to achieve the best
of both worlds. In section 2, we provide a brief review
of graphical passwords. Then, the proposed system is de-
scribed in section 3. In section 4, we briefly discuss imple-
mentation and highlight some aspects about the proposed
system.
2 Graphical Passwords
Graphical passwords refer to using pictures (also draw-
ings) as passwords. In theory, graphical passwords are eas-
ier to remember, since humans remember pictures better
than words [8]. Also, they should be more resistant to brute-
force attacks, since the search space is practically infinite.
In general, graphical passwords techniques are classi-
fied into two main categories: recognition-based and recall-
based graphical techniques [7]. In recognition-based tech-
niques, a user is authenticated by challenging him/her to
identify one or more images he or she chooses during the
registration stage. In recall-based techniques, a user is asked
to reproduce something that he or she created or selected
earlier during the registration stage.
Passfaces is a recognition-based technique, where a user
is authenticated by challenging him/her into recognizing
human faces [9]. An early recall-based graphical password
approach was introduced by Greg Blonder in 1996 [10].
In this approach, a user create a password by clicking on
several locations on an image. During authentication, the
user must click on those locations. PassPoints builds on
Blonders idea, and overcomes some of the limitations of his
scheme [2]. Several other ap
Ahmad Almulhem
Computer Engineering Department
King Fahd University of Petroleum and Minerals
Dhahran, Saudi Arabia
[email protected]
Abstract
Graphical passwords provide a promising alternative to
traditional alphanumeric passwords. They are attractive
since people usually remember pictures better than words.
In this extended abstract, we propose a simple graphical
password authentication system. We describe its operation
with some examples, and highlight important aspects of the
system.
1 Introduction
User authentication is a fundamental component in most
computer security contexts. It provides the basis for access
control and user accountability [1]. While there are var-
ious types of user authentication systems, alphanumerical
username/passwords are the most common type of user au-
thentication. They are versatile and easy to implement and
use.
Alphanumerical passwords are required to satisfy two
contradictory requirements. They have to be easily remem-
bered by a user, while they have to be hard to guess by
impostor [2]. Users are known to choose easily guessable
and/or short text passwords, which are an easy target of dic-
tionary and brute-forced attacks [3, 4, 5]. Enforcing a strong
password policy sometimes leads to an opposite effect, as
a user may resort to write his or her difficult-to-remember
passwords on sticky notes exposing them to direct theft.
In the literature, several techniques have been proposed
to reduce the limitations of alphanumerical password. One
proposed solution is to use an easy to remember long
phrases (passphrase) rather than a single word [6]. Another
proposed solution is to use graphical passwords, in which
graphics (images) are used instead of alphanumerical pass-
words [7]. This can be achieved by asking the user to select
regions from an image rather than typing characters as in
alphanumeric password approaches.
In this extended abstract, we propose a graphical pass-
word authentication system. The system combines graph-
ical and text-based passwords trying to achieve the best
of both worlds. In section 2, we provide a brief review
of graphical passwords. Then, the proposed system is de-
scribed in section 3. In section 4, we briefly discuss imple-
mentation and highlight some aspects about the proposed
system.
2 Graphical Passwords
Graphical passwords refer to using pictures (also draw-
ings) as passwords. In theory, graphical passwords are eas-
ier to remember, since humans remember pictures better
than words [8]. Also, they should be more resistant to brute-
force attacks, since the search space is practically infinite.
In general, graphical passwords techniques are classi-
fied into two main categories: recognition-based and recall-
based graphical techniques [7]. In recognition-based tech-
niques, a user is authenticated by challenging him/her to
identify one or more images he or she chooses during the
registration stage. In recall-based techniques, a user is asked
to reproduce something that he or she created or selected
earlier during the registration stage.
Passfaces is a recognition-based technique, where a user
is authenticated by challenging him/her into recognizing
human faces [9]. An early recall-based graphical password
approach was introduced by Greg Blonder in 1996 [10].
In this approach, a user create a password by clicking on
several locations on an image. During authentication, the
user must click on those locations. PassPoints builds on
Blonders idea, and overcomes some of the limitations of his
scheme [2]. Several other ap
Similar questions
English,
8 months ago
English,
8 months ago
Social Sciences,
8 months ago
Science,
1 year ago
Math,
1 year ago