Extended Text and Color Based Session Password Security against Shoulder Surfing and Spyware

In this paper, a new technique called extended text and color based session password security against shoulder surfing and spyware was suggested .It involves two phases; in registration phase user register him/her self with credential like name, number, address, and password in provide manually with keyboard. User can be entering their textual password of fixed length i.e. six. And choose one color as his pass-color from 8 colors assigned by the system. The remaining 7 colors not chosen by the user are his decoy-colors. After registration successfully the randomly color combination sequence is generated as per textual password and it will send to the user via text massage and it will be use only one time login. In login phase the user requests to login the system, and the system displays a circle composed of 8 equally sized sectors initially, 64 characters with different color combinations are placed averagely and randomly among these sectors. All the displayed characters and character colors can be simultaneously rotated into either the adjacent sector clockwise by clicking the “clockwise” button once or the adjacent sector anticlockwise by clicking the anticlockwise button once and the rotation operations can also be performed by scrolling the mouse wheel. User selects its password with color combination according to the text message they have received during registration. By rotating the circle clockwise or anticlockwise, if color and character matches then user will successfully login the system. If user enters wrong color character continuously three times then session will expire automatically. And get new password to user.

http://www.jetir.org/papers/JETIR1407015.pdf