Alphanumerical usernames and passwords are the most used computer authentication technique.This approach has been found to have a number of disadvantages.Users,for example,frequently choose passwords that are simple t...Alphanumerical usernames and passwords are the most used computer authentication technique.This approach has been found to have a number of disadvantages.Users,for example,frequently choose passwords that are simple to guess.On the other side,if a password is difficult to guess,it is also difficult to remember.Graphical passwords have been proposed in the literature as a potential alternative to alphanumerical passwords,based on the fact that people remember pictures better than text.Existing graphical passwords,on the other hand,are vulnerable to a shoulder surfing assault.To address this shoulder surfing vulnerability,this study proposes an authentication system for web-applications based on visual cryptography and cued click point recall-based graphical password.The efficiency of the proposed system was validated using unit,system and usability testing measures.The results of the system and unit testing showed that the proposed system accomplished its objectives and requirements.The results of the usability test showed that the proposed system is easy to use,friendly and highly secured.展开更多
In this paper, a new scheme that uses digraph substitution rules to conceal the mechanism or activity re- quired to derive password-images is proposed. In the pro- posed method, a user is only required to click on one...In this paper, a new scheme that uses digraph substitution rules to conceal the mechanism or activity re- quired to derive password-images is proposed. In the pro- posed method, a user is only required to click on one of the pass-image instead of both pass-images shown in each chal- lenge set for three consecutive sets. While this activity is sim- ple enough to reduce login time, the images clicked appear to be random and can only be obtained with complete knowl- edge of the registered password along with the activity rules. Thus, it becomes impossible for shoulder-surfing attackers to obtain the information about which password images and pass-images are used by the user. Although the attackers may know about the digraph substitution rules used in the pro- posed method, the scenario information used in each chal- lenge set remains. User study results reveal an average login process of less than half a minute. In addition, the proposed method is resistant to shoulder-surfing attacks.展开更多
文摘Alphanumerical usernames and passwords are the most used computer authentication technique.This approach has been found to have a number of disadvantages.Users,for example,frequently choose passwords that are simple to guess.On the other side,if a password is difficult to guess,it is also difficult to remember.Graphical passwords have been proposed in the literature as a potential alternative to alphanumerical passwords,based on the fact that people remember pictures better than text.Existing graphical passwords,on the other hand,are vulnerable to a shoulder surfing assault.To address this shoulder surfing vulnerability,this study proposes an authentication system for web-applications based on visual cryptography and cued click point recall-based graphical password.The efficiency of the proposed system was validated using unit,system and usability testing measures.The results of the system and unit testing showed that the proposed system accomplished its objectives and requirements.The results of the usability test showed that the proposed system is easy to use,friendly and highly secured.
文摘In this paper, a new scheme that uses digraph substitution rules to conceal the mechanism or activity re- quired to derive password-images is proposed. In the pro- posed method, a user is only required to click on one of the pass-image instead of both pass-images shown in each chal- lenge set for three consecutive sets. While this activity is sim- ple enough to reduce login time, the images clicked appear to be random and can only be obtained with complete knowl- edge of the registered password along with the activity rules. Thus, it becomes impossible for shoulder-surfing attackers to obtain the information about which password images and pass-images are used by the user. Although the attackers may know about the digraph substitution rules used in the pro- posed method, the scenario information used in each chal- lenge set remains. User study results reveal an average login process of less than half a minute. In addition, the proposed method is resistant to shoulder-surfing attacks.
