Abstract: In computer security, authentication is such a technique by which the system identifies the genuine users. Among several authentication schemes password based authentication is still one of the widely accepted. Color password is widely famous, but it is prone to shoulder surfing attacks, in which an attacker can record the login procedure of a user for an entire session and can retrieve the user original PIN. Traditional PIN-entry methods are vulnerable to a wide class of observation attacks such as brute force attacks, side channel attacks etc. A number of alternative PIN-entry methods that are based on human cognitive skills have been proposed till date. These methods can be classified into two classes regarding information available to a passive adversary: fully observable and partially observable. In this paper, we propose an intelligent user interface, known as Color Lock to resist the password attacks so that any genuine user can enter the session PIN without disclosing the actual PIN. The Color Lock is based on a partially observable attacker model. The experimental analysis shows that the Color Lock interface is safe and easy to use.
Keywords: Color PIN, Shoulder Surfing Attack, User Interface, Partially Observable.
Title: Color Lock: Against Password Attacks
Author: Joelin Mary Jose, Jannet Paul, Pradeep P Mathew
International Journal of Computer Science and Information Technology Research
ISSN 2348-1196 (print), ISSN 2348-120X (online)
Research Publish Journals