Abstract
Considering the popularity and wide deployment of text passwords, we predict that they will be used as a prevalent authentication mechanism for many years to come. Thus, we have carried out studies on mechanisms to enhance text passwords. These studies suggest that password space and memorability should be improved, with an additional mechanism based on images. The combination of text and images increases resistance to some password attacks, such as brute force and observing attacks. We propose a hybrid authentication scheme integrating text and recognition-based graphical passwords. This authentication scheme can reduce the phishing attacks because if users are deceived to share their key passwords, there is still a chance to save the complete password as attackers do not know the users’ image preferences. In addition to the security aspect, the proposed authentication scheme increases memorability as it does not require users to remember long and complex passwords. Thus, with the proposed scheme users will be able to create strong passwords without sacrificing usability. The hybrid scheme also offers an enjoyable sign-in/log-in experience to users.
Highlights
User authentication is one of the most important parts of the security of information systems
To evaluate the strength of the passwords created with the proposed authentication scheme, an empirical study was conducted with 52 participants
Participants were asked about their experiences on the use of the novel authentication scheme to create an account. 92% of the participants liked the method of password creation with the scheme. 94% of them considered that it was fun to use, and 90% of the participants considered that the scheme was easy to use
Summary
User authentication is one of the most important parts of the security of information systems. Evidence shows that users generally choose weak passwords so that they can remember them [1, 21]. This increases the possibility of the passwords being cracked. While some researchers integrated different types of graphical passwords [10], others combined graphical passwords with text passwords [12, 14, 17] These researchers proposed solutions to shoulder surfing attacks to strengthen the graphical password schemes. Rao and Yalamanchili [14] proposed two authentication schemes using graphical passwords called Pair Pass Char (PPC) and Tricolor Pair Pass Char (TPPC). Both these schemes support two modes of input: keyboard entry and mouse clicks. The login times increase where the password space is enhanced in these proposed schemes, and usability is sacrificed for security
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.