Abstrakt: |
Text-based passwords, despite their well-known drawbacks, remain the dominant user authentication scheme implemented. Graphical password systems, based on visual information such as the recognition of photographs and / or pictures, have emerged as a promising alternative to mitigate reliance on text passwords. Nevertheless, despite the advantages offered they have not been widely used in practice since many open issues need to be resolved. In this paper we propose a novel graphical password scheme, NAVI, where the credentials of the user are his username and a password formulated by drawing a route on a predefined map. We analyze the strength of the password generated by this scheme and present a prototype implementation in order to illustrate the feasibility of our proposal. Finally, we discuss NAVI's security features and compare it with existing graphical password schemes as well as text-based passwords in terms of key security features, such as password keyspace, dictionary attacks and guessing attacks. The proposed scheme appears to have the same or better performance in the majority of the security features examined. [ABSTRACT FROM PUBLISHER] |