PRESENTED BY:DHVANI SHAH

Graphical Password Authentication

OUTLINE

Summary:1.Introduction -Password -Authentication -Methods of Authentication2. Text-based password -Drawbacks of text-based passwords3.Problem Definition4.Graphical Password5.Existing Model6.Proposed Model7.Conclusion

INTRODUCTION

What is PASSWORD?

PASSWORD

PASSWORD is a secret word or string of characters that is used for user authentication to prove his/her identity and going to access resources

Used for?Logging into accountsRetrieving emailsAccessing applicationsUsed In? Networks. Websites Databases

What is AUTHENTICATION?

Conformation of a person’s identity

Methods for authentication

Token-based Biometric-

based

Knowledge-based

Key cards, smart cards

Face recognition, finger print

Text-based, image-based

Text-based Password

Drawbacks

1) Difficulty of remembering

passwordsEasy to remember : easy

to guessHard to guess : hard to

remember

2)Users tend to write thepasswords down or use thesame passwords bydifferent accounts

Drawbacks

3)Brute force attack

4) Dictionary attack

PROBLEM DEFINITION

Alpha-numeric passwords have various disadvantages and to overcome this disadvantages

GRAPHICAL PASSWORD AUTHENTICATION model has been proposed.

User Authentication : Graphical Password

Use graphics (images) instead of alphanumerical passwords

Why?A picture is worth a thousand wordsHumans remember pictures better than

wordsMore resistant to brute-force attacks (search

space is practically infinite).

REGISTRATION TASK

USER TASK:

U S E R N A M E

NEW USER REGISTER

DATABASE

Enter the username in the username field

Verifies the username and store into the database

Click on NEW USER REGISTER button

REGISTRATION TASK

PASSWORD CREATION

Browse the

imageSelected image

DATABASE

LOGIN PHASE

PASSWORD VERIFICATION

Registered image

will generated

image

Verify in

DATABASE

Example

MOM

LI

Recognition based Recall based

A user is presented with the set of images and the user passes the authentication by recognizing and identifying the images he selected during registration stage.

A user is asked to reproduce something that user has created or selected earlier during registration phase

Two Approaches

FLOWCHARTStart

Upload one image as per choice

Select POI(point of interest),POI is described as circle with center and radius

A word or phrase can be associated with thePOI

Selecting POI

Enforce order

Donot enforce order

Stop

Advantages

Easy to remember and hard to guess

for others.

Here the security of the system is

very high.

Provide a way of making more

human-friendly passwords .

Dictionary attacks are infeasible.

.

Existing system

In existing system, passwords are mostly of

text oriented.

Larger memory space.

Some are prone to shoulder surfing attack.

Proposed system

In proposed system, author uses a

multi-factor graphical password

system.

During password creation, there is a

image associated with text

IMPLEMENTATION MODEL

START

Upload one image as per choice

Select POI(point of interest),POI is described as square

with center and radius

Enforce order

STOP

REGISTRATION TASK

USER TASK:

U S E R N A M E

NEW USER REGISTER

DATABASE

Enter the username in the username field

Verifies the username and store into the database

Click on NEW USER REGISTER button

REGISTRATION TASK

PASSWORD CREATION

Browse the

imageSelected image

DATABASE

LOGIN PHASE

PASSWORD VERIFICATION

Registered image

will generated

image

Verify in

DATABASE

Conclusion

Search space (system parameters): -picture -POIs (number and order) -words associated with POIsTogether, the above parameters define

a very large password space (infinite)Multi-factor authentication (graphical,

text, POI-order, POI-number)in a friendly intuitive system

REFERENCES

A Graphical Password Authentication System- Ahmad Almulhem : Computer Engineering Department

Graphical Passwords: A Concept Survey- Ibrahim Bumin KARA

William Stallings and Lawrie Brown. Computer Security- Principle and Practices.

Daniel V. Klein. Foiling the Cracker: - A Survey of and Improvements to, Password Security.

THANK YOU