• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.11
• /
• pp.5755-5772
• /
• 2019

Security is becoming more important as society changes rapidly. In addition, today's ICT environment demands changes in existing security technologies. As a result, password authentication methods are also changing. The authentication method most often used for security is password authentication. The most-commonly used passwords are text-based. Security enhancement requires longer and more complex passwords, but long, complex, text-based passwords are hard to remember and inconvenient to use. Therefore, authentication techniques that can replace text-based passwords are required today. Graphical passwords are more difficult to steal than text-based passwords and are easier for users to remember. In recent years, researches into graphical passwords that can replace existing text-based passwords are being actively conducting in various places throughout the world. This article surveys recent research and development directions of graphical password authentication systems in Korea. For this purpose, security authentication methods using graphical passwords are categorized into technical groups and the research associated with graphical passwords performed in Korea is explored. In addition, the advantages and disadvantages of all investigated graphical password authentication methods were analyzed along with their characteristics.

• Journal of Digital Convergence
• /
• v.12 no.5
• /
• pp.231-238
• /
• 2014

Graphical passwords using images have been developed to solve problems in text based password recognition. The basic recognition process scheme of graphical passwords is clicking certain points on the screen image in correct order. In this pre-developed method of graphical passwords the recognition will fail if the precise positions are not clicked. A new graphical password system called PassPositions is introduced in this paper. PassPositions is a new graphical password scheme which is using relative positions never used earlier graphical password schemes. PassPositions is a graphical password scheme based on universal design that everybody can use conveniently without regarding their physical conditions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.189-200
• /
• 2012

With increasing the number of smart device such as Tablet PC, smart phone and netbook, information security which based on smart device in mobile environment have become the issue. It is important to enter a password safety. In various types of mobile devices, because of hardware limitation of device, it is difficult that to equip secondary input device such as keyboard and mouse. Also, a loss of accuracy becomes a problem because input information was entered by touch screen. Because of problem mentioned above it can be predicted to change password scheme text based password scheme to graphical password scheme, graphical password scheme is easy to use and is resistant to shoulder surfing attack. So this paper proposes new graphical password scheme based 5 strokes which are made by decomposed the Korean to defend against shoulder surfing attack.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.12
• /
• pp.525-532
• /
• 2013

Recently smartphones, tablet, etc. Various types of smart terminal is due to the increased security in mobile devices are becoming an issue. How to enter the password in this environment is a very important issue. Difficult to have a secure password input device on various types of mobile devices. In addition you enter on the touch screen the password of character, uncomfortable and it is vulnerable to SSA attack. Therefore, in this paper provide for defense the SSA(Shoulder Surfing Attacks) and useful password input mechanism is proposed with Smartphone GPS uses a value generated via a graphical password techniques.

• Journal of Information Processing Systems
• /
• v.16 no.5
• /
• pp.1034-1047
• /
• 2020

The personal authentication technique is an essential tool in this complex and modern digital information society. Traditionally, the most general mechanism of personal authentication was using alphanumeric passwords. However, passwords that are hard to guess or to break, are often hard to remember. There are demands for a technology capable of replacing the text-based password system. Graphical passwords can be an alternative, but it is vulnerable to shoulder-surfing attacks. This paper looks through a number of recently developed graphical password systems and introduces a personal authentication system using a machine learning technique with electroencephalography (EEG) signals as a new type of personal authentication system which is easier for a person to use and more difficult for others to steal than other preexisting authentication systems.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.49 no.9
• /
• pp.215-224
• /
• 2012

Using password on system is easy to build and shorten the access time to authorize user, which is high in use for vary system that requires users' authorization. Many input device are able to perform the password system easily, such as PC, smart-phone, tablet PC, etc. Beside the high usability of password, physical attack occurs when user put their password on the device, known as Shoulder Surfing attack. It used to be formed in numbers, characters or mix of different kinds, but new kind of password arose. Exploiting image or making scenarios are those kinds which are able to reflect users' intentions. Not many estimation exists for new password, so there's need to be standard for those new password for highlighting usability and accessability. In this paper, we propose password system with simple image and switching key-board to test statistical method to estimate usability on the password.

• The Journal of the Korea Contents Association
• /
• v.11 no.4
• /
• pp.33-41
• /
• 2011

Although conventional text-based passwords are used as the most common authentication method, they have significant drawbacks such as guess attacks, dictionary attacks, key loggers, and shoulder-surfing. To address the vulnerabilities of traditional text-based passwords, graphical password schemes have been developed as possible alternative solutions, but they have a potential drawback that they are more vulnerable to shoulder-surfing than conventional text-based passwords. In this paper, we present a new Hangul password input method to prevent shoulder-surfing attacks. Our approach uses Hangul as a password, and it requires the users to locate their password in the given wheeling password grid instead of entering the password. Our approach makes it difficult for attackers to observe a user's password since the system shows the users' passwords with decoy characters as the noise on the screen. Also, we provide security analysis for random attacks, dictionary attacks, and shoulder-surfing attacks, and it shows that our password system is robust against these attacks.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.117-119
• /
• 2021

In this paper, the strengths and weaknesses of each type of personal authentication system are examined and the development direction of the personal authentication system is presented. Currently, the personal authentication system commonly used is a text-based password system. However, most of the current text-based password systems are weak in usability and security. In order to solve this problems a personal authentication system that can replace the text-based password system is required. In this paper, we take the recently developed graphical password system as an example to find the conditions and possibilities to replace the text-based password system, and present the development direction of the personal authentication system.

• Journal of Advanced Information Technology and Convergence
• /
• v.8 no.2
• /
• pp.41-46
• /
• 2018

As evidenced through rapidly growing digital devices and information, digital authentication is becoming ever more critical, especially considering the complex and prevalent digital accounts we are using every day. Also, digital authentication is apt to consistent digital security application. In this sense, digital security quality and usability can be enhanced by developing a mechanism for efficient digital authentication. In this paper, a mechanism of efficient digital authentication called T-TIME is introduced in order to alleviate issues dealing with secure and user friendly authentication across ever- growing digital devices and information. Touch Signal generation time difference is utilized for T-TIME as a mediation mechanism that enhances the security quality by confusing others unlike other graphical password mechanisms which are using spatial information. Hence, digital authentication by using T-TIME can be a good way of enhancing security quality and usability.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.9
• /
• pp.4560-4575
• /
• 2018

Since smartphone contains various personal data, security is one of the important aspects in smartphone technologies. Up to now, various authentication techniques have been proposed to protect smartphones. The pattern lock on the Android system is one of the most widely used authentication methods for low-cost devices but it is known to be vulnerable to smudge attack or shoulder surfing attack. LG's smartphone uses its own technique, which is called "Knock Code." The knock code completes the authentication by touching the user defined area in turn on the screen. In this paper, we propose the new, enhanced version of knock code by adding the sliding operation and by using flexible area recognition. We conducted security analysis, which shows that under the same password size, the search space is overwhelmingly larger than the original algorithm. Also, by using the sliding operation, the proposed scheme shows resilience against smudge attacks. We implemented the prototype of our scheme. Experimental results show that compared with the original Knock Code and Android pattern lock, our scheme is more convenient while providing better security.