Matrix Based Shoulder Surfing Security System

Download Document/Synopsis
Today, technology increased very fast and with newly developed innovation, competition, performances, maintains, security, privacy also increased. Security and privacy are playing vital role in any online application. To access or share any Information other user required password. Therefore, to maintained password security and privacy, user used different types of authentication technique one of them is textual password.
The shoulder surfing attack in an attack that can be performed by the adversary to obtain the user’s password by watching over the user’s shoulder as he enters his password. Since then, many graphical password schemes with different degrees of resistance to shoulder surfing have been proposed and each has its pros and cons. The alphabet used in the proposes scheme contains 16 characters to generate a secure password, including 6 lower case alphabets from a to f & 10 numerical from 0-9. System provides On-Screen keyboard to select the alphabet and numericals to generate a password. A matrix of 3×3 will be displayed to the user, where he/she needs to select any four positions from the matrix. In order to use this authentication system, user need to first register himself/herself into this system by filing up the basic registration details. The registration procedure also contains password entry process with matrix position selection. After a successful registration, user can access the login module where he/she need to first authenticate the account by entering the email id which was entered while registration. Once the email id is authenticated, the user may proceed with matrix password section where he/she need to select the characters associated with the respective matrix position. Once the user is authenticated, he/she will be redirected to their profile page. In case, user forgets the account password, and then he/she need to verify their account details. If the account details are validated then system will send an email containing password reset link in it. User need to access that link and reset their password.


Advantages
  • Helps users to login into their account more securely.
  • Stalker will not be able to collect the password via shoulder surfing.
  • Complex password technique with easy user interface.
  • In case, user forgets the password, he/she can reset their account password on validation.
Disadvantages
  • If user forgets password and don’t remember the account details for forgot password verification then, he/she need to try entering multiple combinations of password for multiple matrix position.
  • May provide inaccurate results if data not entered correctly.
-->