This document presents a Mutating Graphical Password System (MGPS) that combines traditional text-based passwords with graphical passwords. MGPS aims to provide the easy recall of graphical passwords while improving resistance to shoulder surfing attacks compared to previous graphical password systems. It works by mapping text passwords to graphical patterns on a grid, and generates a hash of the pattern sequence for authentication. The document outlines previous work, how MGPS works for registration and login, its security advantages over text and graphical passwords, and ideas for future enhancements.
1 of 15
Download to read offline
More Related Content
Major_Project
1. Presented By :
Nishit Jain
Arifullah Khan
Prajwal Kondawar
Nitin Walke
Guided By :
Chaitali Chandankhede
2. OUTLINE
Idea in a Nutshell
Previous Work
Our Solution
Working
Why Better ?
Future Enhancements
Conclusion
2/1
3. IDEA IN A NUTSHELL
What is MGPS ?
Mutating Graphical Password System
Pattern-Based
Pattern to text mapping
3/15
4. Text-Based Password
Advantages :
Well-Known
High Resistance To Shoulder Surfing
Limitations :
Password Complexity
Recall Failure
PREVIOUS WORK
4/15
5. PREVIOUS WORK
Graphical Password
Click-Based Password
Draw-A-Secret
Composite-Scene-Authentication
Image Based Authentication
5/15
6. PREVIOUS WORK
Graphical Password
Advantages :
Easy Recall
Ease Of Use
Limitations :
Very Poor Resistance To Shoulder Surfing
6/15
7. OUR SOLUTION
MGPS
TEXT-BASED GRAPHICAL
Resistance To
Shoulder Surfing
Easy Recall
Ease Of Use
Hybrid System Of Traditional Text-Based And Modern Graphical Password Techniques
7/15
9. Entered Password Is :
a1 a2 a3 a4 a5 a6 a7 a8
b1 b2 b3 b4 b5 b6 b7 b8
c1 c2 c3 c4 c5 c6 c7 c8
d1 d2 d3 d4 d5 d6 d7 d8
e1 e2 e3 e4 e5 e6 e7 e8
f1 f2 f3 f4 f5 f6 f7 f8
g1 g2 g3 g4 g5 g6 g7 g8
h1 h2 h3 h4 h5 h6 h7 h8
b2
b2-> f2-> f6
f2 f6
WORKING
REGISTRATION PHASE
Hash Value : A7FD9EBC210F
Hashing
Internal Representation :
(b2f2f6)
Hash Value is stored in the file as the users password
9/15
10. WORKING
LOGIN FLOWCHART
START
Generate New
Randomized Grid
Enter Next Vertex
Of The Password
Last Vertex
Entered?
Determine Vertex
Position ON Grid
Retrieve Hash
Sequence Of The
Original Password
Hash
Sequence
Matched?
Successful Login
END
No
No
Yes
Yes
Construct Final
Hash Sequence Of
The Password
10/15
11. WORKING
LOGIN PHASE
USERNAME :
PASSWORD :
MIT
W8 Q4R3
W8
R3 Q4
The password W8R3Q4 is internally
recognized as the sequence b2f2f6.
The Hash Value of this sequence is matched
against the file.
If the match is found, corresponding user is
successfully logged into the system.
11/15
12. WHY BETTER ?
Sr. No. Types Of Attacks Vulnerability
Text-Based Passwords Previous GPS MGPS
1. Brute-force High Moderate Low
2. Dictionary High NA NA
3. Shoulder Surfing Moderate High Very Low
4. Guessing High Moderate Low
5. Key Logging Very High Negligible Negligible
6. Rainbow Tables Moderate Moderate Comparatively Low
12/15
13. FUTURE ENHANCEMENTS
Implementation on Network Client-Server
Architecture
Devising methods to improve the memorability for
complex passwords
Optimization for low memory hand-held devices
13/15
14. CONCLUSION
Our system is very much resistant to various attacks
which are possible on the current password systems.
Combination of graphical pattern and textual input
makes the system unique in its own way.
14/15