Varying Password Based Scheme for User Authentication

  • Santosh Kumar SahuEmail author
  • Asish Kumar Dalai
  • Sanjay Kumar Jena
Conference paper
Part of the Smart Innovation, Systems and Technologies book series (SIST, volume 28)


Secure authentication scheme is required to protect businesses and clients against attacks. Passwords are used as private identity for an individual. The password has to be protected from several threats like stealing, shoulder surfing, eavesdropping and guessing. Several work has been done to improve the traditional password based authentication such as biometric password authentication, graphical password scheme, and dynamic password scheme etc. Graphical passwords are strong resistance towards brute force and dictionary attacks. But it suffers to eavesdropping and guessing attacks. However, these schemes have been proved ineffective. In this paper, we have designed a hybrid system by combing the features of three different schemes such as textual password, recognition based password and recall based password. The result shows that proposed model overcomes eavesdropping and guessing more effectively than its counterparts.


User Authentication Graphical Password Textual Password Stroke Based Passowrd Salting 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Evans Jr., A., Kantrowitz, W., Weiss, E.: A user authentication scheme not requiring secrecy in the computer. Commun. ACM 17, 437–442 (1974)CrossRefGoogle Scholar
  2. 2.
    Purdy, G.B.: A high security log-in procedure. Commun. ACM 17, 442–445 (1974)MathSciNetCrossRefGoogle Scholar
  3. 3.
    Kwon, K., Ahn, S.-J., Chung, J.-W.: Network Security Management Using ARP Spoofing. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds.) ICCSA 2004. LNCS, vol. 3043, pp. 142–149. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  4. 4.
    Haller, N.M.: The S/Key one-time password system. In: Proc. Internet Society Symposium on Network and Distrbuted System Security, pp. 151–158 (1994)Google Scholar
  5. 5.
    Mitchell, C.J., Chen, L.: Comments on the S/KEY user authentication scheme. ACM Operating Syst. Rev. 30, 1216 (1996)CrossRefGoogle Scholar
  6. 6.
    Almuairfi, S., Veeraraghavan, P., Chilamkurti, N.: A novel image-based implicit password authentication system (IPAS) for mobile and non-mobile devices. Mathematical and Computer Modelling 58(12), 108–116 (2013)CrossRefGoogle Scholar
  7. 7.
    Wiedenbeck, S., Waters, J., Birget, J.-C., Brodskiy, A., Memon, N.: Passp oints: Design and longitudinal evaluation of a graphical password system. International Journal of Human-Computer Studies 63(12), 102–127 (2005)CrossRefGoogle Scholar
  8. 8.
    Shahid, M., Qadeer, M.A.: Novel scheme for securing passwords. In: 3rd IEEE International Conference on Digital Ecosystems and Technologies, DEST 2009, pp. 223–227 (2009)Google Scholar
  9. 9.
    Almulhem, A.: A graphical password authentication system. In: 2011 World Congress on Internet Security (WorldCIS), pp. 223–225 (2011)Google Scholar
  10. 10.
    Zheng, Z., Liu, X., Yin, L., Liu, Z.C.: A stroke-based textual password authentication scheme. In: Proceedings of the 2009 First International Workshop on Education Technology and Computer Science, ETCS 2009, vol. 3, pp. 90–95. IEEE Computer Society, Washington, DC (2009)CrossRefGoogle Scholar
  11. 11.
    Liu, X.-Y., Gao, H.-C., Wang, L.-M., Chang, X.-L.: An Enhanced Drawing Reproduction Graphical Password Strategy. J. Comput. Sci. Technol. 26(6), 988–999 (2011)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Santosh Kumar Sahu
    • 1
    Email author
  • Asish Kumar Dalai
    • 1
  • Sanjay Kumar Jena
    • 1
  1. 1.National Institute of TechnologyRourkelaIndia

Personalised recommendations