We
propose a scheme which combines both text as well as graphics, a Textual
Graphical Password Authentication Scheme Resistant to Shoulder Surfing which is
a basic Single Set Scheme. To increase the level of security and to prevent
Brute force attack we shall introduce the SMS module.To login user should find
all his original password characters in the login image and click inside the
invisible triangle which is also called as password triangle. This password
triangle is created using 3 original password characters. The user can select
any character which is present inside the invisible triangle or on the border
of password triangle. These selected characters are known as session characters
and all such session characters makes session password. Therefore in this
scheme there are two types of passwords i.e. original password and session
password. The original password is set by the user while registering in the
system and session password is created when user makes clicks inside the
password triangle during login. Session password changes every time when the
user tries to login. This is due to a technique called “Change Image
Technology”, system generates a new login image every time user tries to login.
This helps in securing original password from being hacked. There can be a
possibility that out of three password triangle characters two are same then in
such case the password triangle cannot be formed so we need to consider a line
instead of the triangle and click on that invisible line. An exceptional case
may be that all the three password triangle characters are same then there can
be neither a triangle formation nor a line so the user has to consider a
virtual circle centered on that character.Our systems key feature is the Change
Image Technology which prevents the brute force attack and shoulder surfing by
changing the image for each session and for each authentication stage which
makes the password difficult to crack. Also the length of the password is four
which is easy for users to remember. Thus our proposed system fulfills all the
requirements of security.
http://research.ijcaonline.org/volume114/number19/pxc3902031.pdf
No comments:
Post a Comment