A Study of Graphical User Authentication

With everything going online these days, including critical services like banking, billing, shopping and others – user authentication and authorization are no doubt is very critical. Though authentication by means of text passwords is still the most commonly used form, a lot of studies have proven t...

Full description

Saved in:
Bibliographic Details
Main Author: Wafa’ Mohd Kharudin
Format: Thesis
Language:English
Subjects:
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:With everything going online these days, including critical services like banking, billing, shopping and others – user authentication and authorization are no doubt is very critical. Though authentication by means of text passwords is still the most commonly used form, a lot of studies have proven that this type of user authentication suffers from usability and security issues. Authentication with images or pictures or better known as graphical authentication is gaining its recognition as an alternative method to authenticate users for it is claimed that images or pictures are easier to use and remember, and it also has considerable security. Reviewing literatures from the last twenty years found that many graphical authentication schemes have been proposed and enhanced throughout the years, although few have successfully been applied in real and working systems. Opportunities for further research are still widely open and needed in areas such as memorability, predictability, image selection and retrieval, security, as well as image tolerances. Motivated by above findings and hoping to reduce the issues and limitations of graphical authentication, this thesis reports upon a series of graphical authentication studies. Several existing graphical authentication schemes are compared in terms of its usability and security, and then a novel hybrid authentication scheme named as Enhanced Hybrid Graphical Authentication System (EHGAS) was developed and tested to investigate its feasibility. Recognizing the opportunity to extend graphical authentication’s features to password recovery, this thesis also reports upon the potential of using graphical method as an alternative to the current method of recovering passwords. The study started by investigating the existing password recovery methods and then a new graphical recovery scheme was developed to demonstrate the use of graphical in recovering passwords. Feasibility study was conducted to assess its effectiveness as an alternative of password recovery. From these studies, it was found that graphical authentication is a promising alternative to the current method of password as well as recovery systems. Graphical authentication was very well-received by the participants, albeit them having no or lack of experience with any kinds of graphical scheme before. Graphical authentication also produced good results especially in the aspect of usability which made it very promising to be used more widely in the future, although there are still a lot of rooms for further research such as in terms of security, tolerances, memorability, and predictability.