Shoulder Surfing Resistant Graphical Password Schema: Randomized Pass Points (RPP)

BOSTAN H., Bostan A.

14th International Conference on Information Security and Cryptology, ISCTURKEY 2021, Ankara, Turkey, 2 - 03 December 2021, pp.81-86 identifier

  • Publication Type: Conference Paper / Full Text
  • Doi Number: 10.1109/iscturkey53027.2021.9654422
  • City: Ankara
  • Country: Turkey
  • Page Numbers: pp.81-86
  • Keywords: Computer Security, Graphical Password, Security, Shoulder-Surfing Resistance, User Authentication


© 2021 IEEE.In this study, a pass-graph methodology that benefits from randomity and alternative pass-graphs derivation is proposed with the name of Randomized Pass Points. The proposed authentication methodology is scrutinized for its resistance against brute force and shoulder-surfing attacks. Evaluations prove that the proposed alternative is stronger than that of 8-digit 71-character-set password methodology against brute force attacks and it necessitates at least 5 valid log-ins be captured by the attacker to derive the pass-graph under given assumptions in shoulder-surfing attack.