Abstract
Nowadays, user authentication is one of the important topics in information security. Text-based strong password schemes could provide with certain degree of security. However, the fact that strong passwords being difficult to memorize often leads their owners to write them down on papers or even save them in a computer file. Graphical Password or Graphical user authentication (GUA) has been proposed as a possible alternative solution to text-based authentication, motivated particularly by the fact that humans can remember images better than text. All of Graphical Password algorithms have two different aspects which are usability and security. This paper focuses on security aspects of algorithms that most of researchers work on this part and try to define security features and attributes. Unfortunately, till now there isn’t a complete evaluation criterion for graphical password security. At first, this paper tries to study on most of GUA algorithm. Then, collects the major security attributes in GUA and proposed an evaluation criterion.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Eljetlawi, A.M.: Study And Develop A New Graphical Password System, University Technology Malaysia, Master Dissertation (2008)
Eljetlawi, A.M., Ithnin, N.: Graphical Password: Comprehensive Study Of The Usability Features of The Recognition Base Graphical Password Methods. In: Third International Conference on Convergence and Hybrid Information Technology. IEEE, Los Alamitos (2008)
Varenhorst, C.: Passdoodles: A Lightweight Authentication Method.Massachusetts Institute of Technology, Research Science Institute (2004)
Darren, D., Fabian, M., Michael, K.: On User Choice In Graphical Password Schemes. In: Proceedings of the 20th Annual Computer Security Applications Conference. IEEE, Canada (2004)
Lin, D., Dunphy, P., Olivier, P., Yan, J.: Graphical Passwords And Qualitative Spatial Relations. In: Proceedings of the 3rd Symposium on Usable Privacy and Security. ACM, Pennsylvania (2007)
Blonder, G.E.: Graphical Password, U.S. Patent No. 5559961 (1996)
Ian, J., Mayer, A., Monrose, F., Reiter, M.K., Rubin, A.D.: The Design and Analysis of Graphical Passwords. In: Proceedings of The Eighth USENIX Security Symposium, pp. 1–14. USENIX Association (1999)
Lashkari, A.H., Towhidi, F.: Graphical User Authentication (GUA). Lambert Academic Publishing, Germany (2010) ISBN: 978-3-8433-8072-0
Sobrado, L., Birget, J.-C.: Graphical Passwords. The Rutgers Scholar, an Electronic Bulletin for Undergraduate Research 4 (2002)
Hafiz, M.D., Abdullah, A.H., Ithnin, N., Mammi, H.K.: Towards Identifying Usability And Security Features of Graphical Password in Knowledge Based Authentication Technique. IEEE, Los Alamitos (2008)
Dunphy, P., Yan, J.: Do Background Images Improve “Draw A Secret” Graphical Passwords? In: Proceedings of the 14th ACM Conference On Computer And Communications Security, Alexandria, Virginia, USA (2007)
Dhamija, R., Perrig, A.: ‘Déja vu: A User Study. Using Images For Authentication. In: The Proceeding of the 9th USENIX Security Symposium (2000)
Dhamija, R.: Hash Visualisation In User Authentication. In: Proceedings of CHI 2000. ACM The Hague (2000)
Yampolskiy, R.V.: User Authentication Via Behavior Based Passwords. IEEE Explore (2007)
Komanduri, S., Hutchings, D.R.: Order and Entropy in Picture Passwords. In: Proceedings of Graphics Interface, Canadian Information Processing Society, Ontario, Canada (2008)
Man, S., Hong, D., Matthews, M.: A Shoulder-Surfing Resistant Graphical Password Scheme – Wiw. In: Proceedings of International Conference On Security And Management, Las Vegas, NV (2003)
Wiedenbeck, S., Watersa, J., Birgetb, J.-C., Brodskiyc, A., Memon, N.: Design And Longitudinal Evaluation of A Graphical Password System, pp. 102–127. Academic Press, Inc., London (2005a)
Wiedenbeck, S., Birget, J.-C., Brodskiy, A.: Authentication Using Graphical Passwords: Effects of Tolerance And Image Choice. In: Symposium On Usable Privacy and Security (SOUPS), Pittsburgh, PA, USA (2005b)
Suo, X., Zhu, Y., Scott, G., Owen: Graphical Passwords: A Survey. In: Proceedings of the 21st Annual Computer Security Applications. IEEE, Los Alamitos (2005)
Li, Z., Sun, Q., Lian, Y., Giust, D.D.: An Association-Based Graphical Password Design Resistant To Shoulder-Surfing Attack, University of Cagliari, Italy. IEEE, Los Alamitos (2005)
Qibin Sun, Z.L., Jiang, X., Kot, A.: An Interactive and Secure User Authentication Scheme For Mobile Devices. In: Supported By The A-Star Serc Mobile Media TSRP Grant No 062 130 0056. IEEE, Los Alamitos (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lashkari, A.H., Abdul Manaf, A., Masrom, M., Daud, S.M. (2011). Security Evaluation for Graphical Password. In: Cherifi, H., Zain, J.M., El-Qawasmeh, E. (eds) Digital Information and Communication Technology and Its Applications. DICTAP 2011. Communications in Computer and Information Science, vol 166. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21984-9_37
Download citation
DOI: https://doi.org/10.1007/978-3-642-21984-9_37
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-21983-2
Online ISBN: 978-3-642-21984-9
eBook Packages: Computer ScienceComputer Science (R0)