Professional Documents
Culture Documents
OVERVIEW
Introduction Authentication Method Token based Authentication Biometric based Authentication Knowledge based Authentication Security issues and implementation issues Advantage Conclusion Future work References
INTRODUCTION
What is password? What is graphical password?
Human can remember pictures better than text Text based passwords have many problems
4
Authentication Methods
Token based authentication Biometric based authentication Knowledge based
PassFace
Real User Corporation recall human faces easier than other pictures. very memorable over long intervals, the failure rate is smaller. smaller. LogLog-in process is slow.
10
PassObjects
Sobrado and Birget, 2002 Password space is relatively small Large number of pictures, could be very crowded Search for target objects can be tedious
11
12
Repeat a drawing
14
Draw Signature
Users draw their signature with mouse Everyone remembers his/her signature and it is hard to fake. Reliability issues
15
PassLogix
Click on various items in the image in the correct sequence to be authenticated The image can assist users to recall their passwords More convenient than unassisted recalls
17
PassPoint
Wiedenbeck, et al. 2005 User click on any place in an image to create a password. more difficulties learning the graphical password, and took more time to input their passwords than the alphanumerical users.
18
Security Issues
Very little study in the security issues of graphical passwords Is graphical password as secure as texttextbased password? - brute force search - dictionary attacks - guessing - spyware (e.g. mouse logger) - shoulder surfing
19
Usability Issues
Are graphical passwords really easier to remember than the text based passwords?
studies mainly support the recognition based graphical password yet to find strong support for recall based graphical password Compare with what types of text based password? Most user studies are short term studies. We need long term studies.
20
Implementation
Touchscreen Android mobile phone handsets have userdefined patterns to unlock the screen after a period of inactivity, users trace a pattern over a grid of nine dots with their finger.
Conclusion
alternatives to text based password and biometric authentications difficult to break graphical passwords using the traditional attack very little research on the security issues of graphical passwords User studies are still very limited
22
Future work
Graphical Password logon is available for Windows 8 ,a system logon mode, prepares for the complete touch operation. codes are similar to the graphical codes of Android.
23
REFERENCES
1] Network Security-Overcome Password Hacking Through Graphical Password Authentication M.ArunPrakash#1, T.R.Gokul#2 #1,2Department of Information Technology, Thiagarajar College of Engineering, Madurai, Tamil Nadu, India [2] Adams and M. A. Sasse, "Users are not the enemy: why users compromise computer security mechanisms and how to take remedial measures," Communications of the ACM, vol. 42, pp. 41-46, 2005 [3] ATTNEAVE, F. 1955. Symmetry, Information and Memory Patterns. American Journal of Psychology 68, 209-222. [4] BIRGET, J., HONG, D., AND MEMON, N. 2003. Robust discretization, with an application to graphical passwords.Cryptology ePrint Archive, Report 2003/168. http://eprint.iacr.org/2003/168, last accessed on Jan 29, 2006. [5] BLONDER, G. 1996. Graphical passwords. United States Patent 5559961. [6] BOWER, G. H., KARLIN, M. B., AND DUECK, A. 1975. Comprehension and memory for pictures. Memory and Cognition 3, 216-220. [7] BROSTOFF, S. AND SASSE, M. A. 2000. Are PassfacesTM more usable than passwords? A field trial investigation. In Proceedings of Human Computer Interaction, pages 405 424, 2000. [8] DAVIS, D., MONROSE, F., AND REITER, M. K. 2004. On User Choice in Graphical Password Schemes. In Proceedings of the 13th USENIX Security Symposium. 151-164. [9] DHAMIJA, R. AND PERRIG, A. 2000. Dj Vu: A User Study Using Images for Authentication. In Proceedings of the 9th USENIX Security Symposium. [10] FELDMEIER, D. AND KARN, P. 1989. UNIX password security-Ten years later. In Proceedings of the 19th International Conference on Advances in Cryptology (CRYPTO '89). Lecture [12] L. D. Paulson, "Taking a Graphical Approach to the Password," Computer, vol. 35, pp. 19, 2002. [13] sfr, "www.viskey.com/tech.html," last accessed in June 2011 [14] S. Patrick, A. C. Long, and S. Flinn, "HCI and Security Systems," presented at CHI, Extended Abstracts (Workshops). Ft. Lauderdale, Florida, USA., 2007.
[