13-02-2013, 10:10 AM
Graphical Password Authentication
Graphical Password .ppt (Size: 1.37 MB / Downloads: 147)
Introduction
How about text-based passwords ?
Difficulty of remembering passwords
easy to remember -> easy to guess
hard to guess -> hard to remember
Users tend to write passwords down or use the same passwords for different accounts
An alternative: Graphical Passwords
Psychological studies: Human can remember pictures better than text
Overview of the Authentication Methods
Token based authentication
key cards, band cards, smart card, …
Biometric based authentication
Fingerprints, iris scan, facial recognition, …
Knowledge based authentication
text-based passwords, picture-based passwords, …
most widely used authentication techeniques
Graphical Password Scheme
If the number of possible pictures is sufficiently large, the possible password space may exceed that of text-based schemes, thus offer better resistance to dictionary attacks.
can be used to:
workstation
web log-in application
ATM machines
mobile devices
The survey
Recognition Based Techniques
a user is presented with a set of images and the user passes the authentication by recognizing and identifying the images he selected during the registration stage
Recall Based Techniques
A user is asked to reproduce something that he created or selected earlier during the registration stage
Recall Based Techniques
“PassPoint” Scheme
User click on any place on an image to create a password. A tolerance
around each chosen pixel is calculated. In order to be authenticated,
user must click within the tolerances in correct sequence.
can be hard to remember the
sequences
Password Space: N^K
( N -the number of pixels or smallest
units of a picture, K - the number of
Point to be clicked on )
Conclusion
main argument for graphical passwords:
people are better at memorizing graphical passwords than text-based passwords
It is more difficult to break graphical passwords using the traditional attack methods such as:burte force search, dictionary attack or spyware.
Not yet widely used, current graphical password techniques are still immature