Session Password Authentication Schemes Using Texts and Colors to Secure Data Backup and Restore for PDA  
  Authors : Narendra Joshi; S.M.Tidake


Textual passwords are the most common method used for authentication. But textual passwords are vulnerable to eves dropping, dictionary attacks, social engineering and shoulder surfing. Graphical passwords are introduced as alternative techniques to textual passwords. Most of the graphical schemes are vulnerable to shoulder surfing. To address this problem, text can be combined with images or colors to generate session passwords for authentication. Session passwords can be used only once and every time a new password is generated. In this paper, two techniques are proposed to generate session passwords using text and colors which are resistant to shoulder Surfing. These methods are suitable for Personal Digital Assistants.


Published In : IJCAT Journal Volume 1, Issue 6

Date of Publication : 31 July 2014

Pages : 327 - 332

Figures :07

Tables : --

Publication Link : Session Password Authentication Schemes Using Texts and Colors to Secure Data Backup and Restore for PDA




Narendra Joshi : was born in Nasik, Maharashtra on 1 st March 1979.He Received B.Tech Degree (Computer Technology) from Mumbai University in 2004. Presently he is doing M.E. (CSE) last semester student from Shreeyash College of Engineering and Technology, Aurangabad.

S.M.Tidake : work as a HOD of Computer Dept. Shreeyash college of Engineering Aurangabad.











In this paper, two authentication techniques based on text and colors are proposed for PDAs.These techniques generate session passwords and are resistant to dictionary attack, brute force attack and shouldersurfing. Both the techniques use grid for session passwords generation. Pair based technique requires no special type of registration during login time based on the grid displayed a session password is generated. For hybrid textual scheme, ratings should be given to s, based on these ratings and the grid displayed during login, session passwords are generated. However these schemes are completely new to the users and the proposed authentication techniques should be verified extensively for usability and effectiveness.










[1] R. Dhamija and A. Perrig. “Déjà Vu: A User Study Using Images for Authentication”. In 9th USENIX Security Symposium, 2000.

[2] Red User Corporation: Pass faces.

[3] H. Zhao and X. Li, "S3PAS: A Scalable Shoulder- Surfing Resistant Textual-Graphical Password Authentication Scheme," in 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW 07), vol. 2. Canada, 2007, pp. 467-472.

[4] W. Jansen, "Authenticating Mobile Device User through Image Selection," in Data Security, 2004.

[5] Passlogix, site

[6] W.Jansen, "Authenticating Users on Handheld Devices “in Proceedings of Canadian Information Technology Security Symposium, 2003.

[7] G. E. Blonder, "Graphical passwords," in Lucent Technologies, Inc., Murray Hill, NJ, U. S. Patented. United States, 1996.