14th International Conference on Information Security and Cryptology, ISCTURKEY 2021, Ankara, Türkiye, 2 - 03 Aralık 2021, ss.81-86
© 2021 IEEE.In this study, a pass-graph methodology that benefits from randomity and alternative pass-graphs derivation is proposed with the name of Randomized Pass Points. The proposed authentication methodology is scrutinized for its resistance against brute force and shoulder-surfing attacks. Evaluations prove that the proposed alternative is stronger than that of 8-digit 71-character-set password methodology against brute force attacks and it necessitates at least 5 valid log-ins be captured by the attacker to derive the pass-graph under given assumptions in shoulder-surfing attack.