A password is said to be secure, if it is resistant to various forms of attack. The oldest authentication approach used in computer systems is the text-based approach, which requires that the user supplies textual password in order to gain access to the system. Overtime, this approach has been shown to have a significant drawback and several vulnerabilities, one of which is the difficulty involved in remembering textual passwords. Textual passwords are vulnerable to several attacks like brute force attacks, shoulder spying, dictionary attacks etc. Graphical Password was introduced which involves the use of images for user authentication. In this research work, we developed a position-based multi-layer graphical user authentication system, in order to solve shoulder surfing attacks that most graphical password authentication schemes are faced with. The system authenticates users in three different phases so as to ensure maximum system security. The exact position of the images that the user selects during the registration phase will make up the user’s password. However, the images will be randomized during the login phase in order to confuse attackers. The newly develop system was evaluated using three performance metrics: (1) Security, (2) Usability, (3) Reliability, and the result showed that the newly developed methodology is suitable for use, very reliable and provides maximum system security.
Published in | American Journal of Software Engineering and Applications (Volume 11, Issue 1) |
DOI | 10.11648/j.ajsea.20221101.11 |
Page(s) | 1-11 |
Creative Commons |
This is an Open Access article, distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium or format, provided the original work is properly cited. |
Copyright |
Copyright © The Author(s), 2022. Published by Science Publishing Group |
Graphical User Authentication, Multi-layer, Randomization, Position-Based, Security, Shoulder Surfing
[1] | Abhijith S, S. S. (2021). Web Based Graphical Password Authentication System. International Journal of Engineering Research & Technology, 1-4. |
[2] | Abiodun Esther Omolara, A. J. (2019). FingerEye: Improving Security and optimizing ATM transaction time based on Iris-Scan Authentication. International Journal of Electrical and Computer Engineering (IJECE), 1-9. |
[3] | Adnan Ali 1, H. R. (2019). A Fractal-Based Authentication Technique Using Sierpinski Triangles in Smart Devices. Sensors, 1-19. |
[4] | Alsaiari H, P. M. (2016). Graphical One-time Password (GOTPass): A Usability Evaluation. Centre for Security Communication and Network Research, School of Computing Electronics and Mathematics, 1-31. |
[5] | Belk, M. F. (2017). An Interplay Between Humans, technology and Users Authentication: A Cognitive Processing Perspective. Central Lancashire online Knowledge, 1-32. |
[6] | Christina Katsini, Christos Fidas, Marios Belk, George Samaras, Nikolaos Avouris. (2019). A Human Cognitive Perspective of Users' Password Choices in Recognition-based Graphical Authentication. International Journal of Human-Computer Interaction, 1-24. |
[7] | Gouri Sankar Mishra, P. K. (2020). User Authentication: A Three Level Password Authentication Mechanism. Journal of Physics: Conference Series, 1-8. |
[8] | Harinandan Tunga, D. S. (2015). Graphical User Authentication Techniques for Security: A Comparative Study. International Journal of Engineering and Advanced Technology (IJEAT), 1-7. |
[9] | Jiya Gloria Kaka, I. O. (2021). Recognition Based Graphical Password Algorithms: A Survey. 1-10. |
[10] | Lip Yee Por, C. S. (2019). Preventing Shoulder-Surfing Attacks using Diagraph Substitution Rules and Pass-Image Output feedback. Symmetry, 1-16. |
[11] | M. Kannadasan, J. r. (2017). Shoulder Surfing Resistant Graphical Authentication System using Pass Matrix. International Journal of Scientific & Engineering Research Volume 8, Issue 5, May-2017, 1-5. |
[12] | Salim Istyaq, A. N. (2021). Hybrid Graphical User Authentication Schemes Using Grid Code. International Journal of Engineering Trends and Technology, 1-11. |
[13] | Sileyew, K. J. (2019). Research Design and Methodology. Intech Open, 1-14. |
[14] | Sreelatha, S. A. (2011). Authentication Schemes for Session Passwords using Color and Images. International Journal of Network Security & Its Applications (IJNSA), Vol. 3, No. 3, 9. |
[15] | Vimal Gaur, A. S. (2017). Authentication using a Combination of Color Scheme and Musical Notes. International Journal of Engineering Research & Technology (IJERT), 1-5. |
APA Style
Audu Lovingkindness Edward, Hassan Umar Suru, Jasmyne Okudo. (2022). Position-Based Multi-Layer Graphical User Authentication System. American Journal of Software Engineering and Applications, 11(1), 1-11. https://doi.org/10.11648/j.ajsea.20221101.11
ACS Style
Audu Lovingkindness Edward; Hassan Umar Suru; Jasmyne Okudo. Position-Based Multi-Layer Graphical User Authentication System. Am. J. Softw. Eng. Appl. 2022, 11(1), 1-11. doi: 10.11648/j.ajsea.20221101.11
@article{10.11648/j.ajsea.20221101.11, author = {Audu Lovingkindness Edward and Hassan Umar Suru and Jasmyne Okudo}, title = {Position-Based Multi-Layer Graphical User Authentication System}, journal = {American Journal of Software Engineering and Applications}, volume = {11}, number = {1}, pages = {1-11}, doi = {10.11648/j.ajsea.20221101.11}, url = {https://doi.org/10.11648/j.ajsea.20221101.11}, eprint = {https://article.sciencepublishinggroup.com/pdf/10.11648.j.ajsea.20221101.11}, abstract = {A password is said to be secure, if it is resistant to various forms of attack. The oldest authentication approach used in computer systems is the text-based approach, which requires that the user supplies textual password in order to gain access to the system. Overtime, this approach has been shown to have a significant drawback and several vulnerabilities, one of which is the difficulty involved in remembering textual passwords. Textual passwords are vulnerable to several attacks like brute force attacks, shoulder spying, dictionary attacks etc. Graphical Password was introduced which involves the use of images for user authentication. In this research work, we developed a position-based multi-layer graphical user authentication system, in order to solve shoulder surfing attacks that most graphical password authentication schemes are faced with. The system authenticates users in three different phases so as to ensure maximum system security. The exact position of the images that the user selects during the registration phase will make up the user’s password. However, the images will be randomized during the login phase in order to confuse attackers. The newly develop system was evaluated using three performance metrics: (1) Security, (2) Usability, (3) Reliability, and the result showed that the newly developed methodology is suitable for use, very reliable and provides maximum system security.}, year = {2022} }
TY - JOUR T1 - Position-Based Multi-Layer Graphical User Authentication System AU - Audu Lovingkindness Edward AU - Hassan Umar Suru AU - Jasmyne Okudo Y1 - 2022/04/20 PY - 2022 N1 - https://doi.org/10.11648/j.ajsea.20221101.11 DO - 10.11648/j.ajsea.20221101.11 T2 - American Journal of Software Engineering and Applications JF - American Journal of Software Engineering and Applications JO - American Journal of Software Engineering and Applications SP - 1 EP - 11 PB - Science Publishing Group SN - 2327-249X UR - https://doi.org/10.11648/j.ajsea.20221101.11 AB - A password is said to be secure, if it is resistant to various forms of attack. The oldest authentication approach used in computer systems is the text-based approach, which requires that the user supplies textual password in order to gain access to the system. Overtime, this approach has been shown to have a significant drawback and several vulnerabilities, one of which is the difficulty involved in remembering textual passwords. Textual passwords are vulnerable to several attacks like brute force attacks, shoulder spying, dictionary attacks etc. Graphical Password was introduced which involves the use of images for user authentication. In this research work, we developed a position-based multi-layer graphical user authentication system, in order to solve shoulder surfing attacks that most graphical password authentication schemes are faced with. The system authenticates users in three different phases so as to ensure maximum system security. The exact position of the images that the user selects during the registration phase will make up the user’s password. However, the images will be randomized during the login phase in order to confuse attackers. The newly develop system was evaluated using three performance metrics: (1) Security, (2) Usability, (3) Reliability, and the result showed that the newly developed methodology is suitable for use, very reliable and provides maximum system security. VL - 11 IS - 1 ER -