Anda di halaman 1dari 14

AUTHENTICATION SCHEMES FOR

SESSION PASSWORDS
USING COLOR AND IMAGES

AIM AND OBJECTIVE


To develop a combination of
text
and
color
based
passwords
for
session
authentication
instead
of
traditional textual passwords.

INTRODUCTION
Traditional passwords are text based.
Sessions are maintained using text conventional text based
passwords
They are vulnerable to lots of attacks.
Alternatively graphical passwords or captchas are being used.
Biometrics, such as finger prints, iris scan or facial recognition
are also used

EXISTING SYSTEMS

Random and lengthy passwords can make the system secure

But such passwords are difficult to remember.

Vulnerable to following attacks eves dropping, dictionary


attack, social engineering and shoulder surfing

Also These passwords can be easily guessed or cracked because


they have to be from the ASCII key set from the keyboard.

Biometrics may be used but are expensive and slow and


require extra devices.

PROPOSED SYSTEM
New authentication scheme based on Sessions
Once a user logs in a new password is
generated
Once the sessions is terminated the password
is no longer valid.
Based on a combination of text and colors

ADVANTAGES
Password changes for every session.
Hence even if known cannot be reused.
Resistant to brute force attacks.
Is not expensive.
Also resistant to other types of attacks

SYSTEM REQUIREMENTS
SOFTWARE

HARDWARE
Processor

: Pentium IV

RAM

: 1 GB

Hard Disk

: 320 GB

KB
Mouse
Monitor :18 color

: 101 MM
: Optical

OS

Windows XP

Language

ASP .NET

Database

SQL Server

Framework

.NET 3.5

MODULES
USER REGISTRATION
TEXT GRID DEPLOYMENT
COLOR GRID DEPLOYMENT AND RATING
LOGIN
AUTHENTICATION

USER REGISTRATION MODULE


Here the user registers his details.
User name should be unique.
Next a valid email id is procured.
The user is redirected to the next screen.

TEXT GRID DEPLOYMENT

User submits his password.

Minimum length of the password is 8 .

This can be called as secret pass.

The secret pass should contain even number of


characters.

COLOR GRID DEPLOYMENT AND RATING

A grid of 8 colors are displayed to the user

The colors selected by the user

User should rate colors from 1 to 8 in any order.

LOGIN
During login the system shows the users text grid
Next it shows the color grid.

TEXT AUTHENTICATION

The first letter in the pair is used to select the row and the second
letter is used to select the column.

The intersection letter is part of the session password.

This is repeated for all pairs of secret pass

The password entered by the user is verified by the server to


authenticate the user.

If the password is correct, the user is allowed to enter in to the


system

COLOR AUTHENTICATION

The color grid consists of 4 pairs of colors

The color grid consists of 4 pairs of colors.

Each pair of color represents the row and the column of the grid.

Depending on the ratings given to colors, the session password is generated.

The first color of every pair in color grid represents row and second
represents column of the number grid.

The number in the intersection of the row and column of the grid is part of
the session password