Textual passwords are the most common method
used for authentication. But textual passwords are vulnerable to
eves dropping, dictionary attacks, social engineering and
shoulder surfing. Graphical passwords are introduced as
alternative techniques to textual passwords. Most of the graphical
schemes are vulnerable to shoulder surfing. To address this
problem, text can be combined with images or colors to generate
session passwords for authentication. Session passwords can be
used only once and every time a new password is generated. In
this paper, two techniques are proposed to generate session
passwords using text and colors which are resistant to shoulder
Surfing. These methods are suitable for Personal Digital
Assistants.
Published In : IJCAT Journal Volume 1, Issue 6
Date of Publication : 31 July 2014
Pages : 327 - 332
Figures :07
Tables : --
Publication Link : Session Password Authentication Schemes Using
Texts and Colors to Secure Data Backup and
Restore for PDA
Narendra Joshi : was born in Nasik,
Maharashtra on 1
st
March 1979.He
Received B.Tech Degree (Computer
Technology) from Mumbai University in
2004. Presently he is doing M.E. (CSE) last
semester student from Shreeyash College of
Engineering and Technology, Aurangabad.
S.M.Tidake : work as a HOD of Computer
Dept. Shreeyash college of Engineering
Aurangabad.
In this paper, two authentication techniques based on
text and colors are proposed for PDAs.These techniques
generate session passwords and are resistant to
dictionary attack, brute force attack and shouldersurfing.
Both the techniques use grid for session
passwords generation. Pair based technique
requires no special type of registration during
login time based on the grid displayed a session
password is generated. For hybrid textual scheme,
ratings should be given to s, based on these ratings
and the grid displayed during login, session
passwords are generated. However these schemes
are completely new to the users and the
proposed authentication techniques should be verified
extensively for usability and effectiveness.
[1] R. Dhamija and A. Perrig. “Déjà Vu: A User Study
Using Images for Authentication”. In 9th USENIX
Security Symposium, 2000.
[2] Red User Corporation: Pass faces. www.passfaces.com
[3] H. Zhao and X. Li, "S3PAS: A Scalable Shoulder-
Surfing Resistant Textual-Graphical Password
Authentication Scheme," in 21st International
Conference on Advanced Information Networking
and Applications Workshops (AINAW 07), vol. 2.
Canada, 2007, pp. 467-472.
[4] W. Jansen, "Authenticating Mobile Device User
through Image Selection," in Data Security, 2004.
[5] Passlogix, site http://www.passlogix.com.
[6] W.Jansen, "Authenticating Users on Handheld
Devices “in Proceedings of Canadian Information
Technology Security Symposium, 2003.
[7] G. E. Blonder, "Graphical passwords," in Lucent
Technologies, Inc., Murray Hill, NJ, U. S. Patented.
United States, 1996.