TY - JOUR
T1 - Enhanced textual password scheme for better security and memorability
AU - Bhanbhro, Hina
AU - Nizamani, Shah Zaman
AU - Hassan, Syed Raheel
AU - Bakhsh, Sheikh Tahir
AU - Alassafi, Madini O.
N1 - Publisher Copyright:
© 2018, (IJACSA) International Journal of Advanced Computer Science and Applications.
PY - 2018
Y1 - 2018
AB - The traditional textual password scheme provides a large number of password combinations, but users generally use a small portion of the available password space. Complex textual passwords are difficult to remember, therefore most users choose passwords that are short and contain dictionary words. Due to the use of small password length and dictionary words, textual passwords become easy to crack through offline guessability attacks. The traditional textual password scheme is also weak against keystroke logger attacks because alphanumeric characters are directly inserted into the password field. In this paper, enhancements are proposed in the registration and login screen of the traditional textual password scheme for improving security against offline guessability attacks and keystroke logger attacks. The proposed registration screen also improves memorability of traditional textual passwords through visual cues or a pattern-based approach. In the proposed login screen, passwords are indirectly inserted into the password field, to resist keystroke logger attacks. A comparative analysis between the passwords created in the traditional and the proposed pattern-based approach is presented. The testing results show that users create strong and high entropy passwords in the proposed pattern-based approach as compared to the traditional textual passwords approach.
KW - Alphanumeric passwords
KW - Authentication
KW - Security
KW - Usability
UR - http://www.scopus.com/inward/record.url?scp=85054010784&partnerID=8YFLogxK
U2 - 10.14569/IJACSA.2018.090730
DO - 10.14569/IJACSA.2018.090730
M3 - Article
AN - SCOPUS:85054010784
SN - 2158-107X
VL - 9
SP - 209
EP - 215
JO - International Journal of Advanced Computer Science and Applications
JF - International Journal of Advanced Computer Science and Applications
IS - 7
ER -