A Review of Graphical Password based Authentication Systems


EOI: 10.11242/viva-tech.01.05.016

Download Full Text here



Citation

Ms. Rishabhdev Sharma, Ms. Sana Shaikh, Ms. AbhilashaYadav, Rahmat Shaikh, "A Review of Graphical Password based Authentication Systems", VIVA-IJRI Volume 1, Issue 6, Article 1, pp. 1-5, 2023. Published by Computer Engineering Department, VIVA Institute of Technology, Virar, India.

Abstract

Authentication techniques have seen tremendous advancement, innovation, and thus success in the real world. It has moved its way up from rudimentary ciphers to complex authentication techniques which would require thousands of years even for the most powerful computers to crack. Today Alpha-Numeric Passwords, in User ID and Password combination are the most used type of authentication format in the world. However, researchers have shown that while alpha-numeric passwords are good, and often very hard to crack, they are vulnerable to many attacks such as phishing, social engineering, malware, dictionary attack, offline cracking, spidering, Brute force attack, shoulder surfing, guessing, etc. All these attacks are possible due to either human error, or the blazing fast speed that a computer can interact with the authentication system while deploying its password cracking technique. Thus, in order to counter these to drawbacks of alpha-numeric passwords, researchers have been coming up with new methods of authentication which does not use any alpha numeric inputs, or any other qualities which cause the drawback in said system. In order to accomplish this goal some researchers have started on various variations of graphical based passwords, as these systems are much more sophisticated as compared to alphanumeric passwords. In this review paper, many such graphical systems are analyzed in order to learn their advantages over their alphanumeric counter parts. And which things can be carried over, to develop a new system that would be more efficient, easy to use, robust and user friendly.

Keywords

Authentication, Security attacks, Alpha-numeric passwords, Graphical Passwords, Usability, Cryptographic Obfuscation, Deep Learning, Machine Learning

References

  1. H. Gao, W. Jia, F.Ye and L. Ma, “A Survey on the Use of Graphical Passwords in Security.”, Journal of Software, Vol.8, No.7, 2013, pp.1678-1698
  2. G.Yang and H. Oh, ”Implementation of a Graphical Password Authentication System ‘PassPositions’”, Journal of Image and Graphics, Vol.6, No.2, 2018, pp. 117-121
  3. S.S. Shen, T.H. Kang, S.H. Lin and W. Chien,” Random graphic user password authentication scheme in mobile devices”, International conference on applied system innovation (ICASI), IEEE, 2017, pp. 1251-1254.
  4. N. Asmat and H. S. A. Qasim, “Conundrum-Pass: A New Graphical Password Approach.”, 2nd International Conference on Communication, Computing and Digital Systems (C-CODE), IEEE, 2019, pp. 282-287.
  5. H. Chabannne, V. Despiegel and L. Guiga, “One Picture is Worth a Thousand Words: A New Wallet Recovery Process.”, arXiv preprint arXiv:2205.02511, 2022
  6. T. Khodadadi, Y. Javadianasl, F. Rabiei, M. Alizadeh, M. Zamani, SS. Chaeikar, “A Novel Graphical Password Authentication Scheme with Improved Usability”, 4th International Symposium on Advanced Electrical and Communication Technologies (ISAECT), IEEE, 2021, pp. 01-04.
  7. T. joo Fong, A. Abdullah, N.Z. Jhanjhi and M. Supramaniam, “The coin passcode: A shoulder-surfing proof graphical password authentication model for mobile devices.”, International Journal of Advanced Computer Science and Applications, Vol.10, No.1, 2019.
  8. J.A. Jaffar and A.M. Zeki, “Evaluation of Graphical Password Schemes in Terms of Attack Resistance and Usability”, International Conference on Innovation and Intelligence for Informatics, Computing and Technologies (3ICT), IEEE, 2020, pp. 1-5.
  9. Z. Parish, A.S. Abari, J.Thorpe, “A study on priming methods for graphical passwords”, Journal of Information Security and Applications, Vol. 62, 2021.
  10. S. Chiasson, P. C. Van Oorschot, R. Biddle,”Graphical password authentication using cued click points.”, European Symposium on Research in Computer Security, Springer, 2007, pp. 359-374.