A Sector-Based Graphical Password Scheme with Resistance to Login-Recording Attacks

Wei-Chi KU  Yu-Chang YEH  Bo-Ren CHENG  Chia-Ju CHANG  

IEICE TRANSACTIONS on Information and Systems   Vol.E98-D   No.4   pp.894-901
Publication Date: 2015/04/01
Publicized: 2015/01/20
Online ISSN: 1745-1361
DOI: 10.1587/transinf.2014EDP7302
Type of Manuscript: PAPER
Category: Information Network
Keywords: accidental login, graphical password, login-recording attack, shoulder-surfing attack

Since most password schemes are vulnerable to login-recording attacks, graphical password schemes that are resistant to such attacks have been proposed. However, none of the existing graphical password schemes with resistance to login-recording attacks provides both sufficient security and good usability. Herein, we design and implement a simple sector-based graphical password scheme, RiS, with dynamically adjustable resistance to login-recording attacks. RiS is a pure graphical password scheme that uses the shape of the sector. In RiS, the user can dynamically choose a login mode with suitable resistance to login-recording attacks, depending on the login environment. Hence, the user can complete the login process efficiently in an environment under low threat of login-recording attacks and securely in an environment under high threat of login-recording attacks. Finally, we show that RiS can achieve both sufficient security and good usability.