Abstract

User authentication is necessary to secure data and processes on the Internet and in digital devices. Static text-based authentication systems are the most widely employed because they are inexpensive and highly scalable, but they are prone to various types of active and passive attacks. The constant need to extend them to increase security is making them less usable. One promising alternative is graphical authentication systems, which, if implemented properly, are more secure but have their own drawbacks. In this paper, we discuss in detail the extension of our previous work Passblot [18], a unique graphical authentication system. It generates pseudo-random one-time passwords using a set of inkblots unique to each user. The properties of one-time passwords ensure resistance to various common attacks, and the uniqueness of human perception makes the system usable. We demonstrate how our system effectively mitigates various attacks and analyse the results of the experiments conducted.

Highlights

  • An average Internet user has around 25 accounts that require passwords [37]

  • The shorter time taken for the strong text passwords made us suspect that users who successfully logged in during session 2 might have used passwords that they regularly use for other accounts; this was later confirmed during our interaction with them

  • The probability that two consecutive sets of 4 inkblots are the same is 1/C(10, 4), and the attacker usually has to be successful a minimum of 3 times, which makes it more robust compared to other authentication schemes

  • 5.1.5 Man in the middle, Interception and Session hijacking attack: Man in the middle (MITM) is the form of attack in which an eavesdropper opens and maintains active connections with both parties and relays messages between them

Summary

INTRODUCTION

An average Internet user has around 25 accounts that require passwords [37]. People tend to forget their passwords [8, 9] due to human memory's fallibility and need reminders or replacements. One of the promising alternatives to current authentication systems is the graphical password scheme. Graphical passwords have the advantage of being more secure with respect to being written down or passed on verbally. Many graphical authentication systems [1, 2, 4, 24, 25, 26, 27, 28, 29] have been proposed which combine the use of graphical and text schemes. They are susceptible to several types of active and passive attacks such as replay, shoulder surfing, session hijacking and man in the middle attacks. Users had high success rates, and participants rated the system positively.

RELATED WORK
OUR PROPOSAL
Authentication
User study II
In User Study I
In User study II
Immune to Replay attack and Key loggers
Dictionary attack
Brute force and blind attacks
Resistant to shoulder surfing attack
Social Engineering Attack
Implements a strict policy of using different passwords for different sites
Ease of use
Qualitative evaluation
CONCLUSION AND FUTURE WORK