Graphical Passwords

Graphical Passwords
(1) Why graphical passwords? Pictures are easy to remember or recognized than text.. (2) Are graphical passwords as secure as text passwords? (3) What are the major design and implementation issues for graphical passwords?

Random Image

Based on hash visualization techniques.

Passfaces

Passlogix

Pass Point

Based on JPEG 2000

Random Image

Random Image

Based on hash visualization techniques.

Draw-A-Secret (DAS)

Drawing Grid

Graphical Passwords Design

Recognition Based Techniques Recall Based Techniques (1) Produce a drawing (2) Repeat a sequence of actions

Attack on Graphical Passwords

(1) Brute force search (2) Dictionary attacks (3) Guessing * different person has different choice. * human have some common selections. (4) Spy ware (5) Shoulder surng (6) Social engineering

Research on Graphical Passwords

(1) Design a new graphical password scheme * can return a random length text password (2) Use graphical password in public key cryptosystem. * User generate a big number from graphical password. * Convert the big number into a signing private key. * Get a certicate from CA with the generated key. * Embed graphical password into application such as webmail. * User log on webmail, generate his signing key

owHtWU1sJNld3yTAIYhDIiEhwaFc9tJtbVW1WBuPLLunep0ea7S0UD1o+TFTbldV etQededFZHu1hRkx50hcIJccc0E5RdyCFI4oHDkhhISQkLiCEMcc896r71fvs7o8 O7H89+501fv+1f/7//7mt772wVe/8bMf/2Twix/+9O1X/v6Dr/zaP377q9/+9rNv /uApePD09S/7APdPjxAfAj1CfAj0CPEh0CPEh0CPEB8CPUJ8CPQI8SHQI8SHQI8Q