GRAPHICAL PASSWORD

PRESENTED BY

MANISH KUMAR BHADE

GGITS, JABALPUR

CONTENTS

1. INTRODUCTION.2. WHAT IS PASSWORD?3. WHAT IS GRAPHICAL PASSWORD?4. COMPARISION BETWEEN ALPHA-NUMERIC &

GRAPHICAL PASSWORDS. 5. WHAT IS ALPHA-NUMERIC PASSWORDS?6. ADVANTAGES OF GRAPHICAL PASSWORDS.7. A SIMPLE GRAPHICAL PASSWORD SCHEME.8. DRAWBACKS.9. THE SHOULDER SURFING PROBLEM.10. SOLVING THE SHOULDER SURFING PROBLEM.

PASSWORDS

The most commonly used form of user authentication. The weakest links of computer security systems. Two conflicting requirements of alphanumeric

passwords (1) Easy to remember and (2) Hard to guess. Many people tend to ignore the second requirement

which lead to weak passwords. Many solutions have been proposed. Graphical password is one of the solutions.

GRAPHICAL PASSWORDS

A GRAPHIICAL PASSWORD is an authentication system that works by having the user select from images, in a specific order, presented in a graphical user interface (GUI). For this reason, the graphical-password approach is sometimes called graphical user authentication (GUA).

An example of a system that we developed uses an image on the screen and lets the user choose a few click points; these click points are the "password", and the user has to click closely to these points again in order to log in.

COMPARISION BETWEEN ALPHA-NUMERIC & GRAPHICAL PASSWORDS:

Commonly used guidelines for alpha-numeric passwords are:

The password should be at least 8 characters long. The password should not be easy to relate to the user (e.g.,

last name, birth date). The password should not be a word that can be found in a

dictionary or public directory. Ideally, the user should combine upper and lower case

letters and digits. But in graphical passwords, which consist of some actions

that the user performs on an image. Such passwords are easier to remember & hard to guess.

Graphical Passwords - What A Concept! The concept is simple: You

pick several icons to represent your password. Then when you want to authenticate a screen is drawn as a challenge to which you must respond. The screen has numerous icons, at some of which are your private password icons. You must locate your icons visually on the screen and click somewhere directly inside the perimeter they create -- but not on the icons themselves

A SIMPLE GRAPHICAL PASSWORD SCHEME

The user chose these regions when he or she created the password. The choice for the four regions is arbitrary, but the user will pick places that he or she finds easy to remember. The user can introduce his/her own pictures for creating graphical passwords. Also, for stronger security, more than four click points could be chosen.

ADVATAGES OF GRAPHICAL PASSWORDS

Graphical password schemes provide a way of making more human-friendly passwords while increasing the level of security.

Here we use a series of selectable images on successive screen pages, if there are 100 images on each of the 8 pages in an 8-image password, there are 100^8, or 10 quadrillion (10,000,000,000,000,000), possible combinations that could form the graphical password! If the system has a built-in delay of only 0.1 second, it would take (on average) millions of years to break into the system by hitting it with random image sequences.

Dictionary attacks are infeasible

DRAWBACKS

THE SHOULDER SURFING PROBLEM As the name implies, shoulder surfing is watching over people's

shoulders as they process information. Examples include observing the keyboard as a person types his or her password, enters a PIN number, or views personal information.

Because of their graphic nature, nearly all graphical password schemes are quite vulnerable to shoulder surfing. Most of the existing schemes simply circumvent the problem by stating that graphical passwords should only be used with handheld devices or workstations set up in such a way that only one person can see the screen at the time of login.

OUR GOAL

Due to this vulnerability to shoulder surfing, it would appear that graphical passwords could never be used in environments where view of the screen is not exclusive to the person logging in. However, it is possible to create schemes that counter the shoulder surfing problem.

SOLUTION TO SHOULDER SURFING PROBLEM

(1) TRIANGLE SCHEME

(For clarity, this collection contains only a little over 100 objects. Typical screens can fit over 1000.)

(2) MOVABLE FRAME SCHEME

CONCLUSION

Graphical passwords are an alternative to textual alphanumeric password.

It satisfies both conflicting requirements i.e. it is easy to remember & it is hard to guess.

By the solution of the shoulder surfing problem, it becomes more secure & easier password scheme.

By implementing other special geometric configurations like triangle & movable frame, one can achieve more security.

THANK YOU

QUERRIES?