PassMatrix: Graphical Based Authentication System for Shoulder Surfing Attack Resistant
Keywords:
Graphical Passwords, Authentication, Shoulder Surfing AttackAbstract
The authentication based on the passwords is used mostly in applications for the computer security and
privacy. However, the human actions such as selecting less secured passwords credentials and inputting passwords in an
insecure way are considered ”the weakest link” within the authentication chain. Instead of arbitrary alphanumeric
strings, users tend to select passwords either short or purposeful for simple memorization. With internet applications and
mobile apps pile up, individuals will access these applications anywhere and anytime with different devices. This
evolution brings good convenience however it will increases the probability of exposing passwords credentials to
shoulder surfing attacks. Attackers will observe directly or use external recording devices to get users’ credentials. To
overcome this issue, proposed a novel authentication system named PassMatrix, which is based on graphical passwords
to resist shoulder surfing attacks. With a one-time valid login indicator and change of location horizontal and vertical
bars covering the complete scope of pass-images, PassMatrix offers no hint for attackers to work out or narrow down the
password even they conduct multiple camera-based attacks. Implemented a PassMatrix prototype on web applications
and allotted real user experiments to describee its memorability and usefulness. From the experimental result, is shown
that, the proposed system achieves better resistance to shoulder surfing attacks whereas maintaining usability.
