Efficacy of Object-Based Passwords for User Authentication

11/30/2017
by   Sufian Hameed, et al.
0

Traditional text-based password schemes are inherently weak. Users tend to choose passwords that are easy to remember, making them susceptible to various attacks that have matured over the years. ObPwd [5] has tried to address these issues by converting user-selected digital objects to high-entropy text passwords for user authentication. In this paper, we extend the ObPwd scheme with a new object based password scheme that performs majority of the computation at the server side. This paper essentially discusses two frameworks for object password schemes, an object hash-based scheme (where the client machine computes the hash of the object to be used as text password) and an object-based scheme (where the object is directly transmitted to the server as password). We also evaluate the performance of both the object password schemes against conventional text-based password schemes using prototypes of each of the frameworks. Implications with respect to ease of use, sharing and security are also discussed.

READ FULL TEXT

Authors

page 1

page 2

page 3

page 4

11/29/2017

Secure Encryption scheme with key exchange for Two server Architecture

In the distributed environment, authentication and key exchange mechanis...
10/07/2011

A Probabilistic Approach for Authenticating Text or Graphical Passwords Using Back Propagation

Password authentication is a common approach to the system security and ...
01/25/2021

DAHash: Distribution Aware Tuning of Password Hashing Costs

An attacker who breaks into an authentication server and steals all of t...
01/29/2021

Detection and Prevention of New Attacks for ID-based Authentication Protocols

The rapid development of information and network technologies motivates ...
02/22/2019

RAMHU: A New Robust Lightweight Scheme for Mutual Users Authentication in Healthcare Applications

Providing a mechanism to authenticate users in healthcare applications i...
10/29/2021

2D-2FA: A New Dimension in Two-Factor Authentication

We propose a two-factor authentication (2FA) mechanism called 2D-2FA to ...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.