A New Secure and Usable Captcha-Based Graphical Password Scheme

Khan, Altaf; Chefranov, Alexander G.

doi:10.1007/978-3-030-00840-6_17

Altaf Khan¹² &
Alexander G. Chefranov¹²

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 935))

Included in the following conference series:

International Symposium on Computer and Information Sciences

661 Accesses
2 Citations

Abstract

CaRP are known graphical password schemes using Captcha visual objects for password setting. CaRP contains four schemes with different alphabet symbols used for password specification. We generalize CaRP schemes introducing Click Symbol-Alphanumeric (CS-A) scheme which as CaRP schemes, ClickText (CT), ClickAnimal (CA), AnimalGrid (AG), and ClickPoint (CP), uses a proper symbol selection on the screen by clicking, but does not specify a particular alphabet. In particular, we show that using together in one alphabet Alphanumeric (A) and Visual (V) symbols (CS-AV) improves its usability and users are more motivated towards making strong passwords. For the security analysis, we applied segmentation techniques to identify the symbols on CT and proposed CS-AV. The segmentation and symbols identification of CS-AV and CT scheme do not reveal sensitive information. This paper also studies the usability: Experiments on both schemes show that such usability feature as memorability of CS-AV is greater by 3.75% than that of CT scheme.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Shepard, R.N.: Recognition memory for words, sentences, and pictures. J. Verbal Learn. Verbal Behav. 6(1), 156–163 (1967)
Article Google Scholar
Zhu, B.B., Yan, J.D., Bao, G., Yang, M., Xu, N.: Captcha as graphical passwords - a new security primitive based on hard AI problems. IEEE Trans. Inf. Forensics Secur. 9(6), 891–904 (2014)
Article Google Scholar
von Ahn, L., Blum, M., Hopper, N.J., Langford, J.: CAPTCHA: using hard AI problems for security. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 294–311. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-39200-9_18
Chapter Google Scholar
Nguyen, V.D., Chow, Y.-W., Susilo, W.: A CAPTCHA scheme based on the identification of character locations. In: Huang, X., Zhou, J. (eds.) ISPEC 2014. LNCS, vol. 8434, pp. 60–74. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-06320-1_6
Chapter Google Scholar
Biddle, R., Sonia, C., van Oorschot, P.C.: Graphical passwords: learning from the first twelve years. ACM Comput. Surv. 44(4) (2012)
Article Google Scholar
Chellapilla, K., Larson, K., Simard, P., Czerwinski, M.: Designing human friendly human interaction proofs (HIPs). In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 711–720. ACM (2005)
Google Scholar
Tang, M., Gao, H., Zhang, Y., Liu, Y., Zhang, P., Wang, P.: Research on deep learning techniques in breaking text-based Captchas and designing image-based Captcha. IEEE Trans. Inf. Forensics Secur. 13(10), 2522–2537 (2018)
Article Google Scholar
Gao, H., Tang, M., Liu, Y., Zhang, P., Liu, X.: Research on the security of Microsoft’s two-layer Captcha. IEEE Trans. Inf. Forensics Secur. 12(7), 1671–1685 (2017)
Article Google Scholar
Anton, H., Rorres, C.: Elementary linear algebra: application version - 7th editition, Howard, Drexel Unversity, ISSBN 0471-58741-9, Theorem 11.1.1, pp. 571–572 (1994)
Google Scholar
El Ahmad, A.S., Yan, J., Tayara, M., The robustness of Google CAPTCHAs University of Newcastle, UK, Technical Report 1278, 1–15 (2011)
Google Scholar
GSA Captcha segmentation. http://www.gsa-online.de/
Captcha Sniper available. http://www.Captchasniper.com/
Free online OCR [online]. http://www.i2ocr.com/
Free online OCR [online]. http://www.free-ocr.com/
Auto mouse clicker. http://www.murgee.com/auto-clicker/
John the Ripper Password Cracker [Online]. http://www.openwall.com/john/
Openwall Wordlists Collection [Online]. http://www.openwall.com/wordlists/
Furnel, S., Esmael, R., Yang, W., Li, N.: Enhancing security behaviour by supporting the user. Comput. Secur. Jan 31 (2018)
Google Scholar

Download references

Author information

Authors and Affiliations

Department of Computer Engineering, Eastern Mediterranean University, TRNC, Mersin 10, Turkey
Altaf Khan & Alexander G. Chefranov

Authors

Altaf Khan
View author publications
You can also search for this author in PubMed Google Scholar
Alexander G. Chefranov
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Altaf Khan .

Editor information

Editors and Affiliations

Institute of Theoretical and Applied Informatics, Polish Academy of Sciences, Gliwice, Poland
Tadeusz Czachórski
Department of Electrical and Electronic Engineering, Imperial College London, London, UK
Erol Gelenbe
Institute of Theoretical and Applied Informatics, Polish Academy of Sciences, Gliwice, Poland
Krzysztof Grochla
University of Houston, Houston, TX, USA
Ricardo Lent

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Khan, A., Chefranov, A.G. (2018). A New Secure and Usable Captcha-Based Graphical Password Scheme. In: Czachórski, T., Gelenbe, E., Grochla, K., Lent, R. (eds) Computer and Information Sciences. ISCIS 2018. Communications in Computer and Information Science, vol 935. Springer, Cham. https://doi.org/10.1007/978-3-030-00840-6_17

Download citation

DOI: https://doi.org/10.1007/978-3-030-00840-6_17
Published: 16 September 2018
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00839-0
Online ISBN: 978-3-030-00840-6
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics