Shoulder Surfing Resistant Graphical Authentication Scheme for Web Based Applications




1Prof. Awodele Oludele Ph.D., 2Kalesanwo Olamide, 3Kuyoro Afolashade PhD., 4Fowora Damilola, 5Ariweriokuma Excellence.

1,2,3,4,5 School of Computing and Engineering Sciences, Babcock University, Ilishan Remo, Ogun State, Nigeria.

American Journal of Computer Sciences and Applications


Since the first graphical authentication scheme was pioneered by Blonder in 1996, numerous studies have been conducted in this area, aimed at use in different scenarios, especially on the Internet. One of the major motivators is the picture superiority effect which, as studies have shown, states that images provide higher memorability than text-based authentication. However, graphical authentication still faces some challenges. In this paper, a shoulder surfing resistant graphical authentication scheme is proposed to tackle the major issues related to the graphical authentication schemes developed so far. In summary, the proposed scheme provides a high level of resistance to shoulder surfing attacks, mitigates the need to upload pictures, and aids in finding chosen objects in the scheme. Finally, the schemes still have some vulnerabilities, leading to the conclusion that there cannot be a perfect graphical authentication scheme; each scheme has its merits and demerits, making it a suitable candidate for different environments and/or events based on its architecture.


Keywords: Authentication, Text-based Authentication, Graphical based Authentication, Security, Shoulder surfing



How to cite this article:
Awodele Oludele et al., Shoulder Surfing Resistant Graphical Authentication Scheme for Web Based Applications. American Journal of Computer Sciences and Applications, 2017; 1:7. DOI: 10.28933/ajcsa-2017-09-1801

