2011 International Conference on Information and Intelligent Computing
IPCSIT vol.18 (2011) © (2011) IACSIT Press, Singapore
Enhanced Graphical Password by using Dynamic Block-style Scheme
Woo Chaw Seng1, Yong Kok Khuen2 and Ng Liang Shing2
1
Department of Artificial Intelligence, Faculty of Computer Science & Information Technology, University
of Malaya, Kuala Lumpur, Malaysia
2
Department of Artificial Intelligence, Faculty of Computer Science & Information Technology, University
of Malaya, Kuala Lumpur, Malaysia
1
cswoo@um.edu.my, 2kokkhuen.yong@gmail.com
Abstract. Alphanumerical authentication systems nowadays always encounter the balancing problem
between security and usability. A weak password is easy be to remembered but it is also easy to be guessed
while a strong password is harder to be guessed but it is also harder to be remembered. Thus, many
automated attacks are designed to break the alphanumerical password. Graphical password system can
overcome this problem by creating secure and memorable passwords. The basic idea of graphical password is
that human can remember pictures better than an alphanumeric string. A new graphical password scheme
using dynamic block-style is proposed in this project. The primary objective of this project is to develop a
graphical authentication system that is usable and secure. In addition, we applied fuzzy logic methods to
enhance the usability by allowing certain degree of tolerance during authentication. Different types of passimages were also tested. From the implementation, the proposed scheme is able to provide larger password
space and reduces registration and authentication time. Nature scene images that have the most key points are
most suitable to be used in this scheme.
Keywords: graphical password; authentication; dynamic block-style; fuzzy logic
1. Introduction
The most common computer authentication method is to use alphanumerical usernames and passwords.
This method has been shown to have significant drawbacks. For example, users tend to pick passwords that
are short and can be easily guessed. On the other hand, if a password is too long or hard to guess, then it is
often hard to remember [1].
Graphical password schemes have been proposed as a possible alternative to text based schemes,
motivated partially by the fact that humans can remember pictures better than text. Beside that, if the number
of possible pictures is sufficiently large, the possible password space of a graphical password scheme may
exceed that of text based schemes and thus presumably offer better resistance to brute force search and
dictionary attacks [2]. In addition, graphical password also has better resistant toward spyware and social
engineering when compared with text based password. Because of these advantages, there is a growing
interest in graphical password as alternative authentication method [3].
However, most of the current graphical password schemes do not have a balance between usability and
security aspects. For example, if the system is too simple then the system may not be secure enough. If the
algorithm is too complex then the system may not be user friendly, e.g.: difficult to learn and takes too long to
log in.
2. Related Work
139
There are three major categories of graphical password scheme: recall-based, recognition-based and cuedrecall [4].
In a recall based graphical password scheme, the users need to recall and reproduce a secret drawing. In
1999, Jermyn et al, in [5], proposed DAS (draw-a-secret) led graphical passwords to a grid background. Using
a grid as background has several advantages: first, it eliminates the need to store a graphical database on the
server side and removes the overhead to transfer images through network. Second, as a grid is a simple object,
this schemes minimize the quality requirement for displays. Different from most schemes, DAS do not impose
a limit on the length of a password; a user can draw a password as long as he desired. Theoretically, the full
password space of a grid-based scheme is infinite. However, this can lead to the difficulties in remembering
the drawing, if the drawing created is complex enough [6].
In a recognition-based graphical password scheme, the users memorize a portfolio of images during
password creation, and then recognize their images from among decoys to log in. PassfacesTM, a commercial
product by Passfaces Corporation, requires a user to select previously seen human face pictures as a password
[7]. One problem with PassfacesTM is that some faces displayed might not be welcomed by certain users. In
other words, if a user has to look at some faces he/she does not like or even dislike, the login process will
become unpleasant [8]. Another drawback of PassfacesTM is that it cannot be used by people who are faceblind (a disease which affects a person’s ability to tell faces apart).
In a cued-recall graphical password scheme, the users remember and target specific locations within an
image. In 2005, Wiedenbeck et al, in [1], proposed PassPoint which allowed a user to click on any point inside
an image. As long as the user clicks within a predetermined tolerance distance of the originally chosen point,
the clicking will be encoded as same as that for the original one. This allows the password to be stored as the
result of a hash function. However, the information about the safe grid (one out of three grids referred for each
click) cannot be hashed; and this might leak information once it is obtained by an attacker [9].
To overcome these limitations, a dynamic block-style scheme is proposed.
3. Graphical Authentication System
Alphanumeric passwords have been used in most authentication systems. However, the security and
usability problems associated with traditional alphanumerical password authentication system cannot be
ignored. The password should be easy to remember yet hard to guess. Graphical password was introduced to
overcome these problems.
Graphical passwords are less vulnerable against dictionary attacks and spywares compared to
alphanumerical passwords. To defend against brute force attack, a graphical password needs to have a larger
password space than alphanumerical password [2].
4. Proposed Dynamic Block-style Scheme
4.1. Dynamic Block-style Scheme
In the dynamic block-style scheme, an image is selected as the pass-image and it is divided into 10×10
grids to let the user choose at least 5 and not more than 9 grids (The Magical Number Seven, Plus or Minus
Two) as password. During authentication, the grids of pass-image will be divided into four m×n rectangle
randomly, where 1≤ m ≤ 9 and 1≤ n ≤ 9, and the location will then be rearranged. An example is shown in
Figure 1:
Figure 1.
Example of Random Size Rectangles and the Location after it is Rearranged
140
By dividing the image into 10×10 grids, it will make the password space of this system to exceed the
password space of traditional alphanumeric password scheme, that is only [94]^n where n = length of
password, which is not secure enough because technically it can be easily cracked by a nonstop brute force
search.
So, in order to increase the security, the dynamic randomize method is used. Each time during the
authentication phase, the location or the look of the image will be changed, and thus it will be very hard to be
cracked by only an automated program.
During authentication phase, the user is given 3 attempts to enter the correct password. If all 3 attempts
are failed, an acceptance test by fuzzy logic will be applied to determine whether the user can log in or
otherwise. Figure 2 shows the rules of the fuzzy inference:
Figure 2.
Rules of the Fuzzy Inferences
The acceptance test has 2 inputs – password length and click accuracy, and an output which is the result of
the acceptance test. Figure 3 depicts the membership functions of the password length:
short
medium
long
1
0
5
6
7
8
9
length
Figure 3.
Membership Function for the Password Length
Each attempt only allow maximum of two inaccurate clicks, and the minimum value follow the mapping
in Figure 4 is selected as the input for acceptance test. “1” indicates the actual password click, the value
decrease as the distance increase.
141
Figure 4.
0.1
0.1
0.1
0.1
0.1
0.1
0.1
0.1
0.4
0.4
0.4
0.4
0.4
0.1
0.1
0.4
0.7
0.7
0.7
0.4
0.1
0.1
0.4
0.7
1
0.7
0.4
0.1
0.1
0.4
0.7
0.7
0.7
0.4
0.1
0.1
0.4
0.4
0.4
0.4
0.4
0.1
0.1
0.1
0.1
0.1
0.1
0.1
0.1
Membership Function (Mapping) for Click Accuracy Distance
Sugeno fuzzy inference is used in this acceptance test. Sugeno fuzzy inference suggests using a single
spike, a singleton, as the membership function of the rule consequent. A singleton (fuzzy singleton) is a fuzzy
set with a membership function that is unity at a single particular point on the universe of discourse and zero
everywhere else. Figure 5 shows the singleton function for the result of the acceptance test:
fail
accepted
pass
0.1
0.4
0.7
1
0
Figure 5.
Singleton Membership Function for the Test Result
When the results of the acceptance test are accepted or pass, the login process will be successful. On the
other hand, when the result is fail, the login process will also be failed.
Finally, defuzzification is done using Equation (1) below:
(1)
where WA is the weighted average, μ is maximum value of click accuracy and length of password, k is
singleton constant, and n is number of attempts (i.e. 1, 2, and 3).
4.2.
Registration Module
To begin the registration, the user is required to enter a username between 4 to 8 characters. The system
then checks the availability of the username to make sure there is no duplication of username. If the username
has been used, the user will be notified and prompted to select another username. Otherwise, if the username
is valid, then an image selection screen will be prompted to the user to select an image as the pass-image and
enter password selection screen.
In password selection stage, the system divides the selected pass-image into 10×10 grids. The user
chooses at least 5 and no more than 9 grids as the password. After that, the user is required to repeat the
process to confirm the password. If the passwords match, the registration is completed. Otherwise, if the
142
passwords do not match, the user is required to repeat the steps. Figure 6 presents the registration Graphical
User Interface (GUI):
Figure 6.
Registration Graphical User Interface
4.3.
Authentication Module
To login, the user first enters the username. The system then checks the validity of the username. If the
username does not exist, the user is notified and required to re-enter the username again. On the other hand, if
the username exists, the authentication process will start with the randomized password selection screen.
The user is required to click on the password’s grids on the randomized location pass-image. If a
password match is found, the authentication is completed. Otherwise, if a match is not found, the user is given
2 more attempts. After 3 attempts, the authentication fails and the account is locked. Figure 7 shows the
authentication GUI:
Figure 7.
Authentication Graphical User Interface
In addition the the functions mentioned, the system also has a module that allows users to change
password.
5. Experiment Results
First of all, functional test is done. The system is tested based on the functional requirement and nonfunctional requirements as planned during the system planning.
Following that, an experiment of image selection is done by using Harris corner detector to find the key
points of the pass-images. There are 3 categories of images tested by this experiment which are: nature scene,
human and synthetic image – cartoon. Table 1 shows the number of key points in each image:
143
TABLE I.
NUMBER OF KEY POINTS IN EACH IMAGE
The nature scene images always have the highest number of key point and random distribute key points;
this is because the image of nature scene is very noisy. Human images are more smooth compared to nature
scene, and the key points always concentrate on certain area, e.g. eyes and nose. Cartoon always has the
fewest key points because there are make up by continuous line.
In other words, nature scene is the hardest to crack but without many memorable key points. Human and
cartoon images are more user friendly because the key points are concentrated on certain areas, which is easy
to be remembered by human.
6. Discussion
In terms of usability, the registration and authentication processes are simple; users only need to key in
their username and click on the password. The users did not get confused during the system test phase.
Besides, these processes are easy and fast. Users are allowed to proceed to their actual tasks with minimal
time. A degree of tolerance is allowed to increase the system usability. Furthermore, the user interface of the
system is simple and understandable to users on the first view. Lastly, the instructions are clear to guide new
users on how to use the system.
On the security aspect, the large password space and dynamic position of password of the system provide
high resistance to most common attack, e.g. brute-force search and shoulder-surfing attacks. The password is
also easy to be remembered and hard to be guessed. In addition, the account will be locked after 3 attempts if
the acceptance test is failed, this will further enhance the security of the system.
7. Conclusion
The password problem has made it clear that there are problems with the usability and security of
traditional text-based passwords. These problems exist due to the limitation of human’s Long Term Memory.
Throughout the last decade, several alternative mechanisms have been developed. However, due to the cost of
hardware, security and usability reasons, traditional text-based password remain dominant.
The purpose of this project is to develop a usable and secure graphical authentication scheme as an
alternative authentication system. Graphical password has been designed to overcome the text-based password
problems. Graphical passwords are more memorable compared to text-based passwords.
A dynamic block-style scheme for graphical passwords is proposed in order to enhance the security and
usability aspects in graphical passwords.
By implementing the dynamic block-style scheme, it provides larger password space than traditional textbased passwords. Beside that, certain degree of tolerance is allowed to increase the usability. In addition,
selection of the image also affects the security and usability of the system. Simple images increase the
usability, which are more users friendly and memorable. On the other hand, complex images are noisier and
thus harder to be cracked, but user may be confused when entering the password. Our scheme allows users to
choose their own pass-image.
In conclusion, by implementing the proposed dynamic block-style scheme, it is able to provide large
password space and reduces registration and authentication time. Therefore, it enhances the security and
usability in graphical passwords.
144
8. Acknowledgment
We thank Tan Chin Keong for implementing the system. This work is partially supported by research
grant "Projek Khas Pembantu Penyelidik kepada Pengetua Kolej Pertama R0029/2010A ".
9. References
[1] S. Wiedenbeck, J. Waters, J. C. Birget, A. Brodskiy, and N. Memon, “PassPoint: Design and longitudinal
evaluation of a graphical password scheme,” International Journal of Human Studies 63 (2005) 102-127.
[2] P.C. van Oorschot, A. Salehi-Abari, J. Thorpe. Purely automated attacks on Passpoints-style graphical
passwords.IEEE Trans. Info. Forensics & Security, 5(3):393–405, 2010.
[3] S. Wiedenbeck, J. Waters, J. C. Birget, A. Brodskiy, and N. Memon, "Authentication using graphical passwords:
Basic results," in Human-Computer Interaction International (HCII 2005). Las Vegas, NV, 2005.
[4] X. Suo, Y. Zhu, and G. S. Owen, “Graphical pass-words: A survey,” 21st Annual Computer Security Applications
Conference (ACSAC), pp. 463–472,Dec. 5-9, 2005.
[5] I. Jermyn, A. Mayer, F. Monrose, M. K. Reiter, and A. D. Rubin, “The design and analysis of graphical
passwords,” in Proc. of 8th USENIX Security Symp., 1999.
[6] P. Dunphy and J. Yan, Do Background ImagesImprove “Draw a Secret”, Proceedings of the 14th ACM conference
on Computer andcommunicationssecurity,Session:Authentication and passwords, Alexandria,Virginia, USA, pp.
36-47, 2007.
[7] RealUser, "www.realuser.com," last accessed in June 2011.
[8] P. Dunphy, J. Nicholson, and P. Olivier, “Securing Passfaces for description,” in 4th ACM Symposium on Usable
Privacy and Security(SOUPS), July 2008.
[9] C. I. Podilchuk, E. J. Delp, “Digital Watermarking: Algorithms and Applications,” IEEE Signal Processing
Magazine, July 2001.
145