TY - GEN
T1 - Optimal discretization for high-entropy graphical passwords
AU - Bicakci, Kemal
PY - 2008
Y1 - 2008
N2 - In click-based graphical password schemes that allow arbitrary click locations on image, a click should be verified as correct if it is close within a predefined distance to the originally chosen location. This condition should hold even when for security reasons the password hash is stored in the system, not the password itself. To solve this problem, a robust discretization method has been proposed[4], recently. In this paper, we show that previous work on discretization does not give optimal results with respect to the entropy of the graphical passwords and propose a new discretization method to increase the password space. To improve the security further, we also present several methods that use multiple hash computations for password verification.
AB - In click-based graphical password schemes that allow arbitrary click locations on image, a click should be verified as correct if it is close within a predefined distance to the originally chosen location. This condition should hold even when for security reasons the password hash is stored in the system, not the password itself. To solve this problem, a robust discretization method has been proposed[4], recently. In this paper, we show that previous work on discretization does not give optimal results with respect to the entropy of the graphical passwords and propose a new discretization method to increase the password space. To improve the security further, we also present several methods that use multiple hash computations for password verification.
KW - Authentication
KW - Discretization
KW - Graphical passwords
KW - Password security
UR - http://www.scopus.com/inward/record.url?scp=58449100239&partnerID=8YFLogxK
U2 - 10.1109/ISCIS.2008.4717862
DO - 10.1109/ISCIS.2008.4717862
M3 - Conference contribution
AN - SCOPUS:58449100239
SN - 9781424428816
T3 - 2008 23rd International Symposium on Computer and Information Sciences, ISCIS 2008
BT - 2008 23rd International Symposium on Computer and Information Sciences, ISCIS 2008
T2 - 2008 23rd International Symposium on Computer and Information Sciences, ISCIS 2008
Y2 - 27 October 2008 through 29 October 2008
ER -