User Authentication using Musical Password

Abstract

Computers, Mobile and other handheld devices depend largely on passwords mechanism to identify and authenticate users. Typically, passwords are strings of characters and digits. Alphanumeric passwords are convoluted to remember for users because a safe password should be long and arbitrary, however users pick short, simple, and insecure passwords. Different solutions have been proposed to aim to make passwords more memorable and easier for users to use and, for this reason, it is more secure. In this paper, we propose a new user authentication scheme, based on the principle that the music, melody can all aid memory. In this scheme the simulation of Piano instrument is implemented for proof of concept. User creates the music using the keys of Piano simulation, which will be stored as user password in the secure database. Each key selection of piano can be associated with a unique secret code, the combination of these codes are actually stored in the database after hashing, which will be tested at the time of user authentication. The proposed scheme is highly memorable, defiant to brute force attacks and dictionary attack, protected from shoulder surfing attacks and from spywares tracking. This combination of security and usability will be a focus for users to choose this scheme for their web, computer and mobile passwords. Keyword: Security, User Authentication, usability, memorability, Password, Musical Password.