Hybrid

Password
Authentication

Contents
Introduction
Objective
Project

Requirements
Why Graphical Passwords?
Limitations
Proposed System
Future Scope
Conclusion

Introduction
This

Research Paper basically on Hybrid

Password Authentication

What

is an Hybrid Authentication ?

Using

Image and Colors

 Textual

password, the most common method used

for authentication

Textual

password are vulnerable to eves dropping,

dictionary attacks, social engineering & shoulder
surfing.

Hybrid

password, an alternative technique.

Hybrid Password
The

proposed authentication schemes

use image and colors for generating
passwords.

Instead

of typing in a password, user

select a picture and then create three
taps/click on desire location and the
location coordinate will be saved on
database plus user can chose three
different color.

Objective
To

develop secure system

To

avoid shoulder surfing.

To

avoid dictionary attack.

To

avoid brute force attack.

PROJECT REQUIREMENTS

Hardware Requirement
System
: Pentium IV 2.4 GHz.
Hard Disk : 1 GB.
Ram
: 1 GB.

Software Requirement
Operating system : Win 7,Win 8.
Data Base

Platform

: SQL Server

: .NET

User

Color Chart

Table1

Point Selection on
Image

Table2

Registration

Registration Diagram

Problems with Alphanumeric

Passwords

difficulty remembering a password that is long and randomappearing

insecure passwords

easily guessable
long-term memory (LTM) limitations

Why Graphical Passwords?

Password should be easy to remember.
Password should be secured.

In his description of the concept an image would appear on the

screen, and the user would click on a few chosen regions of it. If the
correct regions were clicked in, the user would be authenticated.

Image Based Authentication

Grid based method :

LIMITATIONS
During authentication
the user must draw
his/her password in the
same grids and in the
same sequence.
It is really hard to
remember the exact
coordinates of the grid

Blonder-style passwords
1. User chooses several predefined
regions in an image as his or her
password.
2. To log in the user has to click on the
same regions.
LIMITATIONS

number of predefined regions is small.

The password may have to be up to 12 clicks for adequate security,
again tedious for the user.
need for the predefined regions.
pre-defined click objects or regions required simple, artificial
images, instead of complex, real-world scenes.

Proposed System :

Pass Point (cute recall)

Feedback on password after all points have been chosen.

The points were also numbered 1 to 5 to indicate their
order of input.

The picture could be any natural picture or painting.

Should be rich enough in order to have many
possible click points.
Image is not secret.
No need for artificial predefined click regions with
well-marked boundaries .
The user is choose several points on picture in a
particular order.
The result showed that graphical password took fewer
attempts for the user than alphanumerical passwords.

Graphical password authentication

scheme based on color image gallery.

Future Scope
It

can be used in PDAs.

It

can be used in Mobile Application

Folder

locker or an external gateway

authentication to connect the application to a
database or an external embedded device.

Conclusion

It is more securable as compared to the existing

system.

It is not vulnerable to shoulder surfing, eves dropping,

brute force attack.

Picture password is still immature, more research is

required in this field.

Thank You