A Shoulder Surfing Resistant Graphical Authentication System in Java

A Shoulder Surfing Resistant Graphical Authentication System in Java

Abstract:

The security systems must provide authentication as a service to their users. Today's most common and widely used authentication method is text-based passwords; but it is not possible to create strong and easy-to-use passwords with this method. Designing a secure and easy-to-use authentication system is an important target for security systems. Graphical passwords (or Graphical User Authentication (GAU)) have emerged as an alternative to classical text-based passwords methods with the ease of use and reliability. The starting point of graphical authentication is based on the principle that people remember visual objects more than texts. Due to the people's tendency to use the authentication mechanism in public places such as public transportation, restaurants and classrooms, shoulder surfing attacks have recently increased. Hybrid images are created by mixing different features of two images. The person who looks closely at the hybrid image sees one of the images composing the hybrid image while the others can see the second image. In this study, we have developed a graphical authentication system that is resistant to shoulder surfing using hybrid images. The proposed method is compared with other graphical and text-based methods in terms of security level and ease of use.