Password authentication is a common approach to the system security and it is also a very important procedure to gain access to user resources. In the conventional password authentication methods a server has to authenticate the legitimate user. In our proposed method users can freely choose their passwords from a defined character set or they can use a graphical image as password and that input will be normalized. Neural networks have been used recently for password authentication in order to overcome pitfall of traditional password authentication methods. In this paper we proposed a method for password authentication using alphanumeric password and graphical password. We used Back Propagation algorithm for both alphanumeric (Text) and graphical password by which the level of security can be enhanced. This paper along with test results show that converting user password in to Probabilistic values enhances the security of the system
Computer security has become a very important part of human life. Recently authentication has become an important issue among many access control mechanisms. Secure networks allows only intended recipient to intercept and read a message addressed to him. Thus protection of information is required against possible violations than compromise its secrecy [1]. Secrecy is compromised if information is disclosed to users not authorized to access it. Password authentication is one of the mechanisms that are widely used to authenticate an authorized user [2]. The main limitation in using the traditional password authentication method is that, a server must maintain a password table that stores each user's ID and password. Therefore, the server requires extra memory space to store the password Password table is protected using hash functions later and instead of password table [3] verification table containing hashed password (encrypted) [4] will be stored in the server. Even though password is encrypted still there is a chance of modification of the verification table since it is open access environment.
There are many disadvantages in using this type of approach.
i. Attacker can easily change the details of users by using attacks like SQL-Injection.
ii. Password table occupies a lot of memory.
To avoid this problem we proposed a password authentication method using Back Propagation algorithm for both alphanumeric password (textual) and graphical password.
Before discussing the actual method we briefly discuss the related schemes for password authentication. Following the related review, our proposed scheme is presented. The implementation method, experiment, observations and results, advantages and disadvantages, conclusion and future scope are discussed in the last section of this paper
Authentication is the act of confirming the truth of an attribute of a datum or entity. This might involve confirming the identity of a person, tracing the origins of an artifact, ensuring that a product is what it’s packaging and labeling claims to be, or assuring that a computer program is a trusted one. One familiar use of authentication and authorization is access control. A computer system that is supposed to be used only by those authorized must attempt to detect and exclude the unauthorized. Access to it is therefore usually controlled by insisting on an authentication procedure to establish with some degree of confidence the identity of the user, hence granting those privileges as may be authorized to that identity.
Using strong passwords lowers overall risk of a security breach, but strong passwords do not replace the need for other effective security controls. The effectiveness of a password of a given strength is strongly determined by the design and implementation of the authentication system software, particularly how frequently password guesses can be tested by an attacker and how securely information on user passwords is stored and transmitted. Risks are also posed by several means of breaching computer security which are unrelated to password strength.
Alphanumeric password is derived from a Character Set. There are so many types of Character sets depending upon the application where we need authentication. One of the well known Character Set is the American Standard Code for Information Interchange (ASCII). It is a characterencoding scheme based on the ordering of the English alphabet. ASCII includes definitions for 128 characters: 33 are nonprinting control characters (now mostly obsolete) that affect how text and space is processed; 94 are printable characters, and the space is considered as an invisible graphic. A common attack against password authenticated systems is the dictionary attack. An attacker can write a program that, imitating a legitimate user, repeatedly tries different passwords, say from a dictionary, until it gets the correct password. We present an alternative defense against dictionary attacks by using Graphical password.
The most common computer authentication method is to use alphanumerical usernames and passwords. This method has been shown to have significant drawbacks. For example, users tend to pick passwords that can be easily guessed. On the other hand, if a password is hard to guess, then it is often hard to remember. To address this problem, we a developed authentication method that use pictures as passwords [5].
• A picture is worth a thousand words • Humans remember pictures better than words Although the main argument for graphical passwords is that people are better at memorizing graphical passwords than text-based passwords, the existing user studies are very limited and there is not yet convincing evidence to support this argument. Our preliminary analysis suggests that it is more difficult to break graphical passwords using the traditional attack methods such as brute force search, dictionary attack, or spyware. However, since there is not yet wide deployment of gra
This content is AI-processed based on open access ArXiv data.
