Captcha as Graphical Password for User Authentication: A New Security Primitive

International Journal of Computer Trends and Technology (IJCTT)          
© 2015 by IJCTT Journal
Volume-28 Number-1
Year of Publication : 2015
Authors : P.Lavnya, R. Sivaranjani


P.Lavnya, R. Sivaranjani "Captcha as Graphical Password for User Authentication: A New Security Primitive". International Journal of Computer Trends and Technology (IJCTT) V28(1):33-40, October 2015. ISSN:2231-2803. Published by Seventh Sense Research Group.

Abstract -
Most of the computer systems use password as a method of choice for authenticating users. Text is generally is used for such authentication, but these text-based passwords are insecure.To provide a better security for user authentication Captcha (Completely Automated Public Turing tests to tell Computers and Humans Apart) as graphical passwords are used. Graphical passwords use images or representation of images as password. The human brain easily remembers the ‘Graphical image secret word’ when compared to the ‘Text secret word’. Now-adays, in market, many graphical image secret word software’s are available, as well as distinct graphical image secret word methods. The work proposed in this paper, merges Cued click points with token based verification and Captcha text. Prime intention of this proposal is to minimize the guessing attacks as well as to encourage users to select more-random and difficult-to-guess passwords.

[1] Bin B. Zhu, Jeff Yan, Guanbo Bao, Maowei Yang, and Ning Xu, “Captcha as Graphical Passwords—A New Security Primitive Based on Hard AI Problems”, IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 9, NO. 6, JUNE 2014
[2] Jermyn, A. Mayer, F. Monrose, M. Reiter, and A. Rubin, “The design and analysis of graphical passwords,” in Proc. 8th USENIX Security Symp., 1999, pp. 1–15.
[3] S. Wiedenbeck, J. Waters, J. C. Birget, A. Brodskiy, and N. Memon,“PassPoints: Design and longitudinal evaluation of a graphical password system” Int. J. HCI, vol. 63, pp. 102–127, Jul. 2005.
[4] R. Biddle, S. Chiasson, and P. C. van Oorschot, “Graphical passwords: Learning from the first twelve years,” ACM Comput. Surveys, vol. 44, no. 4, 2012.
[5] P.R.DevaleShrikala, M. Deshmukh and Anil B.Pawar. “Persuasive Cued Click Points with Click Draw Based Graphical Password Scheme”. International Journal of Soft Computing and Engineering, Volume-3, Issue- 2 May 2013.
[6] Iranna A M and PankajaPatil. Graphical Password Authentication using Persuasive Cued Click Point, International Journal of Advanced Research in Electrical,Elecrtorics and Instrumentation Engineering, Vol.2, Issue 7, July 2013.
[7] Sonia Chiasson, Elizabeth Stobert, Alain Forget, Robert Biddle, and Paul C. van Oorschot, 2012,”Persuasive Cued Click-Points: Design,Implementation, and Evaluation of a Knowledge-Based Authentication Mechanism,” to be published in IEEE Transactions, vol. 9, no. 2.
[8] E. Stobert, A. Forget, S. Chiasson, P. van Oorschot, and R.Biddle, “Exploring Usability Effects of Increasing Security in Click-Based Graphical Passwords,” Proc. Ann. Computer Security Applications Conf. (ACSAC), 2010.
[9] Davis, D. Monrose, F. and Reiter, M.K. “On user choice in graphical password schemes”. In Thirteenth Usenix Security Symposium (San Diego, CA, USA, Aug. 9-13, 2004).
[10] Hossein Nejati, Ngai-man Cheung, Ricardo Sosa and Dawn C.I.Koh. Deep“Captcha: An Image CAPTCHA Based on Depth Perception”. ACM digital Library, March 2014.

Password, Graphical password, CaRP, hotspots, Captcha, password guessing attack, dictionary attack, security primitive.