TABLE OF CONTENT

1. ABSTRACT ……………………………………………………3
2. INTRODUCTION ………………………………………………4
3. PUROPOSE ……………………………………………………6
4. SCOPE ………………………………………………………….7
4.1 DESIGN AND IMPLEMENTATION
4.2 USABILITY ACROSS WEB PLATFORMS
4.3 SCALABILITY
4.5 SECURITY ENHANCEMENT
4.5 INTEGRATION WITH EMERGING TEACHNOLOGIES
5. FEATURES ………………………………………………………8
5.1 Innovative authentication mechanism
5.2 User centric design
5.3 Security enhancement
5.4 Compatibility
5.5 Scalability
5.6 Adaptability to emerging technologies
6. SOFTWARE AND HARDWARE REQUIREMENT
(Specifications) …………………………………………………….10
7. USER QUESTIONNARIE ……………………………………….11

1
8. ADVANTAGES AND DISADVANTAGES …………………….12
8.1 Advantages
8.2 Disadvantages
8.3 Limitations
9. METHOLOGY …………………………………………………….13
10. COMPARISION OF PASSWORD TECHNOLOGIES ……...14
11. ANALYSIS AND RESULT …………………………………….15
11.1 USER FRIENDLY INTERFACE OF
GRAPHICAL PASSWORD
11.2 APPLICATION
12. SECURITY ANALYSIS ………………………………………..16
13. SCREENSHOTS ……………………………………………….17
14. Dataflow diagram ……………………………………………...21
13.1 Working
15. HIERARCHICAL REPRESENTATION ………………………23
16. MODULES ………………………………………………………24
17. NON-FUNCTIONAL REQUIREMENTS ……………………..24
18. FUTURE SCOPE ……………………………………………….25
19. REFERENCES ……………………………………………….…26
20. CONCLUSION ………………………………………………….27

2
Graphical passwords provide a
promising alternative to
traditional alphanumeric passwords.
They are attractive
since people usually remember
pictures better than words.
In this extended abstract, we propose a
simple graphical
password authentication system. We
describe its operation
with some examples, and highlight
important aspects of the
system
Graphical passwords provide a
promising alternative to

3
traditional alphanumeric passwords.
They are attractive
since people usually remember
pictures better than words.
In this extended abstract, we propose a
simple graphical
password authentication system. We
describe its operation

with some examples, and highlight

important aspects of the
system
Graphical passwords provide a
promising alternative to
traditional alphanumeric passwords.
They are attractive
since people usually remember
pictures better than words.
4
In this extended abstract, we propose a
simple graphical
password authentication system. We
describe its operation
with some examples, and highlight
important aspects of the
system
Graphical passwords provide a
promising alternative to
traditional alphanumeric passwords.
They are attractive
since people usually remember
pictures better than words.
In this extended abstract, we propose a
simple graphical
password authentication system. We
describe its operation

5
with some examples, and highlight
important aspects of the
system
Graphical passwords provide a
promising alternative to
traditional alphanumeric passwords.
They are attractive
since people usually remember
pictures better than words.
In this extended abstract, we propose a
simple graphical
password authentication system. We
describe its operation
with some examples, and highlight
important aspects of the
system
Graphical passwords provide a
promising alternative to
6
traditional alphanumeric passwords.
They are attractive
since people usually remember
pictures better than words.
In this extended abstract, we propose a
simple graphical
password authentication system. We
describe its operation
with some examples, and highlight
important aspects of the
system.
Graphical passwords provide a
promising alternative to
traditional alphanumeric passwords.
They are attractive
since people usually remember
pictures better than words.

7
In this extended abstract, we propose a
simple graphical
password authentication system. We
describe its operation
with some examples, and highlight
important aspects of the
system.
Graphical passwords provide a
promising alternative to
traditional alphanumeric passwords.
They are attractive
since people usually remember
pictures better than words.
In this extended abstract, we propose a
simple graphical
password authentication system. We
describe its operation

8
with some examples, and highlight
important aspects of the
system.
1. Abstract -
Graphical password authentication is an alternate and yet evolving type of
authentication in this current era, it is either recall or recognition based. User will either
reproduce the image or recognize the images which was used or produced during the
registration phase. Passwords guards the resources and information by allowing only
designated person to access. Graphical password is new, trending and seems to be
very promising method of authentication.it exists as an alternative to the text password.
Alphanumeric usernames and passwords are the most common technique put in use.
This technique showed to have some of it's advantages over simple text password but
also with some cons too. When it comes to alphanumeric passwords, user either will try
to keep a simple strength password which stands a chance to get cracked, but it gets
inconvenient for the users to remember the strong strength passwords. With the
graphical password, user will keep images or points-of-interest of images as password.
Most advanced and secure type of authentication for these days is bio-metric, but it is
too expensive to be used by all. Therefore, graphical password which is less expensive,
secure and easy to be used by all can be considered as a perfect alternative method of
authentication. Graphical password is one of Security aspect for authentication of
computer security. Nowadays digital/computer security is most important things in
computer science for protected user or customer data. And Shoulder-surfing is a one of
the threats where a criminal can steal a password by direct observation or by recording
the authentication session. There are several techniques available for this
authentication, the most prevalent and simple of which is the Graphical password
technique. So, we suggest a new technique to combat this problem. We have
developed two concepts to combat shoulder surfing attacks. First, the user must register
if the registration does not exist. Second, you must log in with a valid user ID and
password. The password is a grouping of characters and numbers. Third, user has to
cross image-based authentication where user can choose their password and this
method have higher chances to offset each other. You should choose password
according to the registration password, it must to match at login time. In color base
authentication, there should be several color base passwords and depending on the
color, you need to remember the password sequence. And it’s like three-factor
authentication. So, here is proposed a new graphical password authentication technique
that is resilient to shoulder surfing and also to other types of probable attacks.

9
2. Introduction -
In the dynamic landscape of the digital age, the security of online platforms and the
protection of user data have become paramount concerns. As the frequency and
sophistication of Cyber threats continue to escalate, traditional methods of user
authentication, such as alphanumeric passwords, are increasingly vulnerable to
breaches. To address this vulnerability, there is a growing demand for innovative and
secure authentication mechanisms. One such avenue of exploration is the integration of
graphical elements into the authentication process, ushering in a new era of security
and user experience for websites.

The concept of graphical user authentication represents a departure from the

conventional reliance on text-based passwords. While alphanumeric passwords have
been the cornerstone of online security for decades, their limitations are becoming
increasingly apparent. Users are often burdened with the challenge of creating and
remembering complex passwords, leading to the widespread use of weak and easily
guessable combinations. Moreover, the rise of sophisticated hacking techniques,
including brute force attacks and phishing schemes, has underscored the vulnerability
of password-based systems.

In response to these challenges, the exploration of alternative authentication methods

has gained traction, with graphical user authentication emerging as a promising frontier.
Unlike traditional passwords, which rely on character sequences, graphical
authentication leverages visual elements to verify a user's identity. This paradigm shift
introduces a new layer of complexity for potential intruders, making it inherently more
resistant to various forms of Cyber threats.

The primary objective of graphical user authentication is to enhance the security posture
of websites while simultaneously improving the user experience. By tapping into the
human ability to recognize and recall visual patterns, this approach aims to create
authentication mechanisms that are both robust and user-friendly. The incorporation of
graphical elements in the authentication process not only adds an extra layer of security
10
but also addresses the human factor in security – a critical consideration given that user
behavior significantly influences the effectiveness of any security system.

This exploration is particularly timely in the context of the evolving Cyberthreat

landscape. High-profile data breaches and the compromise of sensitive information
underscore the urgency for adopting innovative security measures. Graphical user
authentication offers
a departure from the status quo, challenging the notion that security measures must be
arduous for end-users. Instead, it proposes a paradigm where security is not only robust
but also seamlessly integrated into the user's digital experience.

As we delve into the realm of graphical user authentication for websites, it is essential to
consider the diverse range of graphical elements that can be employed. From image-
based authentication to pattern recognition, the possibilities are vast, providing an
opportunity for customization based on the specific requirements of a website and the
preferences of its user base. Moreover, the integration of graphical authentication aligns
with the broader trend of Human-centric design, where technology adapts to human
behavior, making the digital experience more intuitive and secure.

This exploration into graphical user authentication is not merely a theoretical endeavor
but a practical response to the evolving demands of the digital landscape. As we
navigate this landscape, it becomes evident that a multifaceted approach to security,
combining technological innovation with User-centric design, is crucial. The subsequent
sections of this documentation will delve into the intricate details of implementing
graphical user authentication for websites, examining the technological foundations,
design considerations, and the potential impact on user security and experience.
Through this exploration, we aim to contribute to the ongoing dialogue on advancing the
security landscape of the digital realm.

11
3. PROBLEM DEFINITION:
Most of the graphical passwords are vulnerable to shoulder surfing. In Pass matrix, the
pass-image is displayed on the screen and the user can easily identify the pass image.
Pass Matrix is vulnerable to random guess attacks based on hot-spot analysis. This
method is only implemented in mobile devices for screen locking.

3.1 OUR PROPOSED SYSTEM:

The proposed system allows the user to create a graphical password by first selecting
an image from a collection of available pictures . In the selected image the user has to
select one grid as the password. The selected image is watermarked with a cover
image using Generic Visible Watermark Embedding technique. The method is based on
the use of deterministic one-to-one compound mappings of image pixel values for
overlaying a variety of visible watermarks of arbitrary sizes on cover images. During
login, after entering the user details a QR Code is generated in the computer. User has
to scan the QR code using his mobile phone. After scanning, a collection of images will
appear on the screen of the phone. User has to select the image. After choosing the
correct image, the watermarked image will appear on the screen. User has to choose
the correct grid position that he has already registered in the watermarked image.

12
4. Purpose –
In the realm of Cyber Security, the traditional paradigm of password-based
authentication is facing escalating challenges. The ubiquity of alphanumeric passwords
has led to a proliferation of security breaches, with users grappling with issues like weak
password choices, password reuse across multiple platforms, and vulnerability to
increasingly sophisticated Cyber threats. The purpose of the project titled "Graphical
User Authentication for Websites" is to revolutionize the conventional methods of user
authentication by introducing an innovative, visually-oriented approach that not only
bolsters security but also enhances the user experience.
The primary impetus behind this project is to counteract the limitations and
vulnerabilities inherent in alphanumeric password systems. Graphical User
Authentication (GUA) recognizes that humans possess an innate inclination towards
visual memory and recognition. Leveraging this aspect of human cognition, the project
seeks to replace or augment traditional passwords with graphical elements such as
images, patterns, or symbols. This shift in authentication methodology is underpinned
by the purpose of creating a more intuitive, memorable, and inherently secure user
authentication process.
A pivotal aspect of the project's purpose is to foster a Human-centric approach to
Cybersecurity. By acknowledging the cognitive strengths of users, GUA aims to create
an authentication experience that is not only more secure but also aligns with the
natural inclinations of human memory and perception. The purpose extends beyond
technological innovation to address the psychological and behavioral aspects of user
interaction with authentication systems.
The scope of the project is vast, encompassing the design, implementation, and
evaluation of a Graphical User Authentication system tailored explicitly for websites.
The purpose includes ensuring the adaptability and compatibility of the system with
diverse web-based platforms, ranging from personal blogs to enterprise-level
applications. Moreover, the project's purpose extends to examining the scalability of the
solution, anticipating its efficacy across various scales and types of websites.
As technology evolves, so does the scope of GUA. The purpose embraces the
exploration of potential integration s with emerging technologies such as mobile
13
applications and the Internet of Things (IOT). This forward-looking approach ensures
that the project remains relevant and adaptive to the future landscape of digital security.
In summary, the purpose of the "Graphical User Authentication for Websites" project is
to usher in a new era of cybersecurity by redefining user authentication through
innovative graphical elements. By addressing the shortcomings of traditional password
systems, the project aims to enhance security, usability, and user satisfaction in the
digital realm.

5. Scope -
The scope of the "Graphical User Authentication for Website" project is comprehensive,
encompassing multiple dimensions to ensure its relevance, effectiveness, and
adaptability in the dynamic realm of web security. The project's scope extends across
design, implementation, evaluation, and potential integration into emerging
technologies, with a keen focus on addressing the shortcomings of traditional
authentication methods.

5.1 Design and Implementation: The project's core scope involves the
meticulous design and implementation of a robust Graphical User Authentication
(GUA) system tailored explicitly for websites. This includes the creation of a diverse
set of graphical elements, symbols, or patterns that users can employ to
authenticate their identity. The design will prioritize User-Centric principles to ensure
that the authentication process is not only secure but also user-friendly and
memorable.
5.2 Usability across Web Platforms: Recognizing the diversity of web
platforms, from personal blogs to enterprise-level applications, the project's scope
extends to ensuring the compatibility and seamless integration of GUA into various
web-based systems. This adaptability is crucial to accommodate the different scales,
purposes, and technical architectures of websites.
5.3 Scalability: The solution's scalability is a critical aspect of the project's scope,
aiming to provide a flexible authentication method that can be implemented across a
wide range of websites. Whether a small-scale personal blog or a large-scale
enterprise application, the GUA system should scale effectively without
compromising its security or usability.
5.4 Security Enhancement: The primary objective of the project is to enhance
the security landscape of website authentication. The scope includes addressing
vulnerabilities associated with traditional password systems, providing a more
secure alternative that mitigates risks such as password reuse, brute force attacks,
and phishing.

14
 5.5 Integration with Emerging Technologies: To ensure the project's
longevity and relevance, the scope extends to exploring potential integration with
emerging technologies. This includes investigating how GUA can be seamlessly
integrated into mobile applications and Internet of Things (IOT) devices. This
forward-looking approach aligns the project with the ongoing evolution of digital
technologies.
In conclusion, the scope of the "Graphical User Authentication for Website" project is
multifaceted, covering design, implementation, compatibility, scalability, security
enhancement, integration with emerging technologies, and continuous improvement
through user feedback. This comprehensive scope positions the project as a holistic
solution to the contemporary challenges of website authentication, with a vision for
future adaptability and innovation

6. Features –
6.1 Innovative Authentication Mechanism: The project introduces a paradigm
shift in user authentication by adopting a novel graphical approach. Departing from
traditional alphanumeric passwords, this innovative mechanism employs visual
elements to create a more intuitive and secure authentication process. Users will
interact with graphical patterns, symbols, or images, enhancing both the memorability
and effectiveness of the authentication experience.

6.2 User-Centric Design: A distinguishing feature of the project lies in its user-
centric design. Recognizing the natural inclination of human cognition towards visual
elements, the graphical user authentication system is crafted to align with users'
cognitive strengths. By incorporating familiar visual cues, the system aims to create an
authentication process that is not only secure but also seamlessly integrates with users'
cognitive processes, promoting a positive and memorable user experience.

6.3 Security Enhancement: Addressing the inherent vulnerabilities of traditional

alphanumeric passwords, the project significantly enhances security. Graphical User
Authentication adds an extra layer of complexity and uniqueness to user credentials,
mitigating risks associated with password-related threats such as brute-force attacks
and password reuse. This feature ensures a robust defense against evolving cyber
threats in the digital landscape.

6.4 Compatibility: Ensuring widespread adoption, the project prioritizes

compatibility with various web-based platforms. Whether implemented on personal
blogs, e-commerce sites, or enterprise-level applications, the graphical user
authentication system is designed for seamless integration. This inclusive enhances its

15
applicability across diverse digital environments, making it accessible and beneficial for
a broad spectrum of websites.

6.5 Scalability: The scalability of the solution is a key feature, allowing it to cater to
websites of varying scales and complexities. From small-scale personal websites to
large-scale enterprise applications, the graphical user authentication system is
engineered to scale effectively. This adaptability ensures that the benefits of enhanced
security and user-centric design are accessible to websites irrespective of their size or
purpose.

In summary, the "Graphical User Authentication" project offers a suite of features that
collectively redefine the standards for website security and user experience. From its
innovative authentication mechanism to its adaptability to emerging technologies, the
project is poised to usher in a new era of secure and user-friendly authentication for
websites.

7. Software Requirement and Hardware Requirement

(Minimum Specifications) –
7.1 Software Requirements-

 HTML
 JAVASCRIPT
 CSS
 Web Browser
 A builtin website

7.2 Hardware Requirement -

 A large amount of storage space(Minimum storage- 4gm Ram)

 A high-speed storage device (such as a SSD)
 A powerful CPU and GPU ( i3 or Ryzen 3 or more) i3 Processor Based Computer or
higher
 i3 Processor Based Computer or higher
 Memory: 1 GB
 Hard Drive: 50 GB
 Monitor
 Internet Connection

16
8. USER QUESTIONNAIRE -
Here are some of them:

 Survey on Graphical Password Authentication System:

 This paper provides a survey of various graphical authentication schemes and their
advantages and disadvantages.
 It also suggests a road map for future enhancement of graphical authentication
systems.
 Survey on Recognition-Based Graphical User Authentication Algorithms: This paper
describes eight recognition-based authentication algorithms and compares them
based on usability and security standards from ISO and attack patterns.
 A survey on usability and security features in graphical user authentication
algorithms: This paper reviews the security and usability features of graphical
password authentication schemes and classifies them into three categories: recall-
based, recognition-based, and cued recall-based.
 Recognition-Based Graphical Password Algorithms: A Survey: This paper presents
a comprehensive survey of recognition-based graphical password algorithms and
analyzes them based on various criteria such as memory load, password space,
etc.

GRAPHICAL PASSWORD: Graphical passwords lead to using pictures (also

drawings) as passwords. In theory, graphical passwords are more comfortable to
remember, since humans remember pictures better than words. Also, they should be
more resistant to brute-force attacks, because the research space is practically Infinite.
In usual, graphical passwords techniques are classic-fied into two main sections.
17
PROPOSED SYSTEM: The proposed authentication system operates as follows. At
the time of registration, a user performs a graphical password by first opening a picture
he or she wants. The user then takes several point-of-interest (POI) areas in the picture.
Each POI is defined by a circle (center and radius). For every POI, the user types a
word or phrase that would be connected with that POI.

9. ADVANTAGES AND DISADVANTAGES:

9.1 ADVANTAGES:

 The system is user-friendly and has an easy interface.

 It provides strong security against bot attacks or hackers.
 Protects systems exposed to attacks.
 Graphical passwords systems provide a way of making more human-friendly
passwords.
 In this system, the security of the system is very high.
 Dictionary advances and brute power searches are infeasible.
 Easy to remember and hard to guess for others.
 Here the security of the system is very high

9.2 DISADVANTAGES:
 The only disadvantage is if users forget the password, it cannot be recovered. So,
they can lose their security.
 Sometime remembering the pattern is Difficult.
 You can’t recover your password one you have refreshed your password.
 It will be difficult to find the images if you shuffle the images each time you login.

18
9.3 LIMITATION-
 Need a large amount of RAM.
 Need a real-time system to keep the passwords save.

10. METHODOLOGY-
In this project when any user tries to access the Homepage, they will be provided with
three options register, login and about developer. If you have not registered yet, then
you have to click register option.
9.1 Then register page will appear, you have to provide first text base password and
necessary information like first name, last name, email, password, security question
etc.
9.2 After clicking next Second color base graphical password security page will
appear, then u have to select password sequentially. And you have to remember
sequentially base on color.
9.3 After clicking next Image base password page will appear, you have to select
multiple images as a password and save it.
9.4 Then you have to come back to home page, then you have to click on login.
After that you have to provide the username and correct password. If text base
username and password are correct, then you have successfully login in text base
password.
9.5 Then color base password page will appear, after that you have to give color
base password. If it is correct, then you have successfully login in color base
password.
9.6 Then Image base password page will appear, after that you have to select image
base on password. If it is correct, then you have successfully login in image base
password.
9.7 Then main page will come.

19
 11. Comparison Of Password Technologies-

Comparison Text Based Color Based Image Based

Security Less Highest Highest

Required Cost Nothing Less Less

Usability Easy Easy Easiest

Availability Always Always Always

GUI User Friendly / Not user friendly / User Friendly / more

attractive Attractive Attractive

12. ANALYSIS AND RESULT-

12.1 User Friendly Interface of Graphical Password - Graphical password
is a user-friendly authentication system. User friendly authentication means we can use
this system everywhere like any device or any site. It is very easy to use and everyone
can easily remember their password. This graphical password system is an alternative
solution for text-based password. Graphical authentication system, where a user can
register randomly and it’s more secure password than others. In this system main
characteristic, there is no difficulty in remembering the registered password. The basic
goal of this system is to achieve higher security with easy technique to use by a user
and difficult to guess by a hacker.

12.2 Application - We are using digital devices everyday where we have to come
cross an authentication process every time. graphical password is a user-friendly
authentication system. So, we are approaching to use everywhere like on web
development, desktop level and any other application level. Some applications which
are presently using graphical password authentication systems.
• Web application. • Mobile system.
• File locks system. • Desktop security level.

20
13. Security Analysis -
Graphical password system offers a strong security against brute force and guessing
attacks as it has two level of graphical passwords system. The password system is
difficult to guess the password system by a person and it is a shoulder-surfing
resistance system. It has a very large password range.
For this project we used 3 level of security Authentication following:

For step1: Authentication of text base password.

For step2: Color Base Authentication.
For step3: Image Base Authentication

1. Brute Force Attack: Brute force is a digital attack where the attacker tries to
guess the correct password. So, to defend against brute force attacks they
system should have a large combination of password which is very difficult to
remember for human. Instants of large text password we create a graphical
password interface. It is very difficult to guess the correct password.
2. Spyware: Spyware is another possible attack mechanism for graphical
passwords. There are several types of spyware including keyloggers, hijackers
and spy bots. Spyware collects information entered by the user. With graphical
passwords, it is more difficult to conduct spyware-based attacks because it is
harder to copy mouse motions exactly. Combinations of pass images and
CAPTCHA may be especially resistant to spyware

21
14. Screenshots –

This is the interface of the website when you open it. It will directly show you the
authentication page. If you have previously created your account in the same session
then you can directly login to the website and authenticate yourself by typing the correct
mail id and correctly selecting the series of images in an order as selected previously.

If you don’t have your account then you have to click on sign up button and create your
account.

22
23
If someone tries to login into your account with wrong password then you will directly
get a mail that someone is trying to login to your account without your permission.

24
15. Data flow diagram –

25
15.1 Working –
Our website is suitable for real-time websites which just runs in a real-time environment
in a real-time operating system. At first when we start the website it will ask for
authentication. If you have your account details saved in your session data then you can
just directly login using your email id and the password. Remember here your password
is the series of photos in a order which you have selected while creating the account.
If you don’t have any account previously signed in then you have to click sign up where
you will be directly creating an account by giving your mail id and selecting the
password by selecting the series of images in an order. Then your data will be stored in
a session data in an encrypted format. But here all the data will be lost once you close
the window. Now, you can go to the sign in and do the same. Enter your mail id and
then select the series of images as selected before while signing up. Select all the
images in an order. Then the series of images consists of a code which will directly
match that password present in the session data. If the password is not matched then it
will show error dialog box and it will show the forget password options where you will
get the option to change the password.
Then after selecting the right password, you will be redirected to the desired website.

26
16. HIERARCHICAL REPRESENTATION -

GRAPHICAL USER AUTHENTICATION

USER

REGISTER

SELECT GRAPHICAL PASSWORD

LOGIN

LOGIN SUCCESSFULLY

ACCOUNT LOGGED IN

REDIRECT WEBSITE

27
17. SYSTEM ARCHITECTURE:

17.1 Architecture flow:

Below architecture diagram represents mainly flow of requests from users to database
through servers. In this scenario overall system is designed in three tires separately
using three layers called presentation layer, business logic layer and data link layer.

This project was developed using 3-tier architecture.

28
17.2 URL Pattern:

URL pattern represents how the requests are flowing through one layer to another layer
and how
the responses are getting by other layers to presentation layer through server in
architecture
diagram.

29
18. UML Diagram:

30
19. Deployment Diagram:

31
20. Activity Diagram:

32
21. Use Case Diagaram:

33
22. FUNCTIONAL REOUIREMENTS SPECIFICATION:

22.1 Modules:

1. Authentication Module
2. Remote Handling
3. Privileges

22.2 Module Description:

1. Authentication Module: To login to the home page we need to provide
a password by selecting images. These images are retrieved from
database dynamically. In database each character has assigned a
particular image.

User has to select the exact image. Only a valid user can identify the
exact image. If a user doesn't select a exact image then it returns
back to the previous page, which shows that the user is an invalid
user.

2. Remote Handling:
1. The Remote Handling module handles the terminal operations such as
shutdown, restart and logoff, by specifying the IP address of the remote
system.

3. Privileges: The Privileges module mainly handles the permissions of

the files. The file permissions include read, write and hidden permissions.

23. Non-functional Requirements:

23.1 Performance Requirements: The performance of the system lies in the

way it is handled. Every user must be given proper guidance regarding how to
use the system. The other factor which affects the performance is the absence of
any of the suggested requirements.

23.2 Safety Requirements: To ensure the safety of the system, perform regular
monitoring of the system so as to trace the proper working of the system. An
administrator should be there to ensure the safety of the system. He has to be
trained to handle extreme error cases.

23.3 Security Requirements: Any unauthorized user should be prevented

from accessing the system
34
24. Input:
24.1 Input Stages:
The main input stages can be listed as below:
. Data recording
. Data transcription
. Data conversion
. Data verification
. Data control
. Data transmission
. Data validation
. Data correction

25. Future Scope -

 Here you can add support for normal static web-pages.

 You can also increase your ram to get more space to save session data where
you can store the login details.
 You can connect it to the server where you will have to accept the login details
every time a user tries to create an account.
 If you get more ram then you can also have image of your choice and select
images of your wish.
 You can also add the images and store the password in the internal Storage but
you also get a threat I’m getting hacked off your password.
 You Can support images to get higher security so that no one can trace your
password by using your fingerprint or finger tips.
 You can also turn off the screen while screen recording or you can blank the
screen when you start your screen recording so that the password can’t be
captured while typing or selecting the series of images in order.

35
26. REFERENCES-

[1] William Stallings and Lawrie Brown. Computer Security: Principle and Practices.
Pearson Education, 2008.
[2] Susan Wiedenbeck, Jim Waters, Jean-Camille Birget, Alex Brodskiy, and Nasir
Memon. Passpoints: design and longitudinal evaluation of a graphical password system.
International Journal of Human-Computer Studies, 63:102–127, July 2005.
[3] Robert Morris and Ken Thompson. Password security: a case history.
Communications of the ACM, 22:594– 597, November 1979.
[4] Daniel V. Klein. Foiling the Cracker: A Survey of, and Improvements to, Password
Security. In Proceedings of the 2nd USENIX UNIX Security Workshop, 1990.
[5] Graphical Password Authentication. ShraddhaM. Gurav Computer Department
Mumbai University RMCET Ratnagiri, India. Leena S. Gawade Computer Department
Mumbai University RMCET Ratnagiri, India, 2014 IEEE.
[6] Enhancement of Password Authentication System Using Graphical Images. Amol
Bhand,Vaibhav desale Savitrybai Phule Pune University, Swati Shirke Dept.of
Computer Engineering NBN Sinhgad School of Engineering, Pune, Dec 16-19, 2015.
[7] The Shoulder Surfing Resistant Graphical Password Authentication Technique.
Mrs.Aakansha S. Gokhalea , Prof. Vijaya S.Waghmareb.
[8] A New Graphical Password Scheme Resistant to Shoulder-Surfing. Uwe Aickelin
School of Computer Science the University of Nottingham Nottingham, NG8 1BB, U.K.
[9] Minimizing Shoulder Surfing Attack using Text and Colour Based Graphical
Password Scheme. Prof. S. K. Sonkar, Prof. R. L. Paikrao , Prof. Awadesh Kumar, Mr.
S. B. Deshmukh, Computer Engineering Dept. Computer Engineering Dept. Amrutvahini
College of engineering, February - 2014.
[10] https://shsu-ir.tdl.org/shsu-ir/bitstream/handle/
20.500.11875/1164/0781.pdf?sequence=1
[11] https://ieeexplore.ieee.org/document/6208293/
[12] https://ieeexplore.ieee.org/document/4679917/
[13]Wiedenbeck, S., Waters, J., Birget, J.-C., Brodskiy, A., & Memon, N. (2005).
PassPoints: Design and longitudinal evaluation of a graphical password system.
[14] Aakansha Gokhale, & Vijaya Waghmare. (2013). Graphical Password
Authentication Techniques: A Review. 7.
[15] Ahmet Emir Dirik, Nasir Memon, & Jean-Camille Birget. (2007). Modeling user
choice in PassPoints graphical password scheme. 8.
36
[16] Nelson, D. L., Reed, V. S., & Walling, J. R. (1976). Pictorial superiority effect.
Journal of experimental psychology. Human learning and memory, 2(5), 523–528.
[17]Dhamija, R. (n.d.). Hash Visualization in User Authentication.
[18]Khan , W. Z., & Aalsalem, M. Y. (19 December, 2013). A Graphical Password
Based System for Small Mobile Devices.
[19] Manjunath G, Satheesh K, Saranyadevi C, & Nithya M. (2014). Text-Based
Shoulder Surfing Resistant Graphical Password Scheme.
[20] N.Asokan. (16 May, 2014). A Closer Look at Recognition-based Graphical
Passwords.
[21] Tao, H. (2006). Pass-Go, a New Graphical Password Scheme.
[22] Towseef Akram , Vakeel Ahmad, Israrul Haq, & Monisa Nazir. (2017). Graphical
Password Authentication.
[23] Vishal Kolhe, Vipul Gunjal, Sayali Kalasakar, & Pranjal Rathod. (2013). Secure
Authentication with 3D Password.
[24] Zheng, Z., Xiyu Liu , Lizi Yin , & Zhaocheng Liu. (2010). A Hybrid Password
Authentication Scheme Based on Shape and Text.
[25] Awais, A., Muhammad , A., M., K. H., & Talib, R. (2016). Secure Graphical
Password Techniques agaist Shoulder Surfing and Camera based Attacks

37
27. CONCLUSION:

User authentication is a major component in most maximum computer

safety contexts. In this extended abstract, we introduced a simple graphical
password authentication system. The system connects graphical and text-
based passwords trying to manage the best of both worlds. It also provides
multi-factor authentication in a friendly natural system. We described the
system operation with some examples and highlighted the major features
of the system.

38