Abstract
In globalization of information, internet has played a vital role by providing an easy and fast access of information and systems to remote users. However, with ease for authentic users, it has made information resources accessible to unauthorized users too. To authorize legitimate user for the access of information and systems, authentication mechanisms are applied. Many users use their credentials or private information at public places to access their accounts that are protected by passwords. These passwords are usually text-based passwords and their security and effectiveness can be compromised. An attacker can steal text-based passwords using different techniques like shoulder surfing and various key logger software, that are freely available over internet. To improve the security, numerous sophisticated and secure authentication systems have been proposed that employ various biometric authentication systems, token-based authentication system etc. But these solutions providing such high-level security, require special modification in the design and hence, imply additional cost. Textual passwords that are easy to use but vulnerable to attacks like shoulder surfing, various image based, and textual graphical password schemes are proposed. However, none of the existing textual graphical passwords are resistant to shoulder surfing and more importantly to mobile key-logging. In this paper, an improved and robust textual graphical password scheme is proposed that uses sectors and colors and introducing randomization as the primary function for the character display and selection. This property makes the proposed scheme resistant to shoulder surfing and more importantly to mobile key-logging. It can be useful for authentication process of any smart held device application.
Highlights
Access control mechanisms are widely used to protect user resources especially information asset
It is comparatively secure than textual password against dictionary, brute-force, social engineering and key-logging attacks [2] but vulnerable to shoulder-surfing attack [6, 20] where authentic user is observed while entering the password [7]
We have proposed a textual graphical password scheme for smart held devices that is resistant to shoulder surfing and mobile-key logging attacks
Summary
Access control mechanisms are widely used to protect user resources especially information asset. Studies have shown that human brain can retain images more as compared to text [4, 5], and this property entitles graphical passwords as a more memorable method [6] It is comparatively secure than textual password against dictionary, brute-force, social engineering and key-logging attacks [2] but vulnerable to shoulder-surfing attack [6, 20] where authentic user is observed while entering the password [7]. We have proposed a textual graphical password scheme for smart held devices that is resistant to shoulder surfing and mobile-key logging attacks This scheme is a combination of recognition-based and pure-recall based approach and incorporates randomization on every text character with a click.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
