Graphical Password Authentication
Summary
TLDR: Team Parakram introduces a graphical password authentication system to address the limitations of traditional text-based passwords. This user-friendly system leverages the ease of remembering images over text. Users register, select a color, and choose image categories to create a personalized sequence as their password. The password is securely hashed and encrypted before being stored in the cloud. Login involves selecting images in the correct sequence, with a two-factor authentication process for password updates. The system aims to enhance security while simplifying the authentication process.
Takeaways
- 🔒 The team Parakram has developed a graphical password authentication system to address the limitations of traditional text-based passwords.
- 🎨 The system is designed with user-friendliness in mind, including features like color selection to accommodate colorblind users.
- 📝 Users must register with the system by providing personal details such as name, email ID, and mobile number for identification.
- 🖼️ After registration, users select a color and choose categories from a filtered image pool to create a sequence of images that serve as their password.
- 🔐 The chosen password sequence is hashed using SHA-256 and encrypted with AES-256 before being stored in the cloud for security.
- 🔄 Users can sign in to websites using their graphical password by entering their mobile number and selecting images in the correct sequence.
- 🔄 The system verifies the entered sequence by decrypting and hashing it, then comparing it to the stored password.
- 🚫 If sign-in attempts exceed three, the user is notified via email to update their password, incorporating a two-factor authentication process for security.
- 🔄 A 'forgot password' feature is available, allowing users to reset their password through an email link.
- 🛡️ The system employs robust encryption and hashing algorithms to safeguard against brute force and dictionary attacks.
- 🚀 The team aims to implement a user-friendly graphical password authentication system to simplify the authentication process.
Q & A
What is the problem statement addressed by Team Parakram?
-Team Parakram addresses the issue of traditional text-based passwords being either too easy to guess or too difficult to remember, and proposes a graphical password authentication system as a solution.
What makes graphical passwords easier to remember than text-based passwords?
-Graphical passwords are based on images, which are generally easier for users to remember due to their visual nature compared to text.
What steps are involved in a user registering with the graphical password system?
-During registration, the user must provide details like name, email ID, and mobile number. They then select a color using radio buttons, and a filter is applied to the images in the image pool based on the chosen color.
How does the system accommodate colorblind users?
-The system includes a color selection feature using radio buttons, which allows colorblind users to easily navigate and use the graphical password method.
What is the process for selecting the actual password images?
-After applying the color filter, the images are categorized, and the user chooses categories they can remember. They then select a sequence of images from these categories to form their password.
How is the selected password secured and stored?
-The password is hashed using the SHA-256 algorithm, encrypted using the AES-256 algorithm, and then stored in the cloud.
What happens when a user wants to sign in using the graphical password?
-The user clicks on a button to sign in with the graphical password, enters their mobile number, and if they exist in the system, the color and categories are fetched to populate a grid with the password images and random images for selection.
How is the password verification process carried out during sign-in?
-The encrypted password is fetched from the database, decrypted, and the entered password is hashed and verified against the decrypted password. If they match, the user is authenticated.
What is the limit on the number of sign-in attempts allowed for a user?
-A user is allowed up to three sign-in attempts. If the attempts exceed this limit, the user is notified through email to update their password.
How does the system ensure secure password updates?
-The system uses two-factor authentication during password updates, requiring the user to enter their mobile number and an OTP received on their registered mobile number or email ID.
What feature does the system provide for users who forget their password?
-The system offers a 'forgot password' feature, where an email is sent to the user to reset their password, following the same process as updating the password.
How does the system prevent data breaches?
-The system uses the most secure encryption and hashing algorithms, such as SHA-256 and AES-256, making brute force and dictionary attacks almost impossible.
What is the ultimate goal of implementing the graphical password authentication system?
-The goal is to make the entire process of authentication much easier and more user-friendly while enhancing security.
Outlines
🔒 Introducing Graphical Password Authentication
Team Parakram introduces a novel approach to online authentication with a graphical password system, addressing the common issues with traditional text-based passwords. The system is designed to be more user-friendly and secure, leveraging the fact that images are easier to remember than text. Users register with basic details and select a color to accommodate colorblind individuals. The system filters images based on the chosen color and categories, allowing users to create a sequence of images as their password. This password is then securely hashed and encrypted before being stored in the cloud.
🎨 Customizing Your Graphical Password
The graphical password system allows users to select images from various categories to create a personalized password sequence. This feature enhances security by making the password more unique and harder to guess. The system also provides a login mechanism where users enter their mobile number, and the system retrieves their color and categories to display a grid of images. Users must select the images in the correct sequence to authenticate, with the system comparing the entered sequence to the stored, encrypted password.
🛡️ Security and Authentication Process
The system emphasizes security by using the SHA-256 hashing algorithm and AES-256 encryption to protect user passwords. It also implements a two-factor authentication process for password updates, requiring users to enter a mobile number and an OTP to ensure that only the legitimate user can change the password. If a user fails to authenticate after three attempts, they are notified via email to update their password. Additionally, a 'forgot password' feature is available, allowing users to reset their password through a secure process.
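As an added example (not code from Team Parakram or the original page), the hash-and-compare step and the three-attempt limit described above can be written with Python's standard library. The AES-256 layer is left out because the standard library has no AES, so `stored_digest` stands for the value that layer would wrap; `Account`, `sequence_digest` and the image identifiers are hypothetical.

```python
import hashlib
import hmac

MAX_ATTEMPTS = 3  # sign-in attempts allowed, per the page


def sequence_digest(image_ids):
    """SHA-256 over an order-preserving, unambiguous encoding of the sequence."""
    h = hashlib.sha256()
    for image_id in image_ids:
        raw = image_id.encode("utf-8")
        # Length prefix: ["ab", "c"] and ["a", "bc"] must not hash alike.
        h.update(len(raw).to_bytes(4, "big"))
        h.update(raw)
    return h.digest()


class Account:
    """Hypothetical per-user record holding the stored digest and attempt state."""

    def __init__(self, image_ids):
        self.stored_digest = sequence_digest(image_ids)
        self.failed_attempts = 0
        self.update_required = False

    def sign_in(self, selected_ids):
        """Return 'ok', 'wrong', or 'update_required' (caller sends the e-mail)."""
        if self.update_required:
            return "update_required"
        candidate = sequence_digest(selected_ids)
        # Compare digests in constant time rather than with ==.
        if hmac.compare_digest(candidate, self.stored_digest):
            self.failed_attempts = 0
            return "ok"
        self.failed_attempts += 1
        if self.failed_attempts >= MAX_ATTEMPTS:
            self.update_required = True
            return "update_required"
        return "wrong"


# Constructed sample data: image identifiers are made up for this example.
REGISTERED = ["cat_03", "car_11", "tree_07", "cat_09"]
```

The same images selected in a different order produce a different digest, and once the third failed attempt is recorded every later call returns `update_required` until the password is changed.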
🔄 Password Update and Security Measures
In the event a user needs to update their password, the system provides a secure method to do so. After receiving an OTP on their registered mobile number or email, users can choose a new password. The system also includes a 'forgot password' feature, which sends an email to the user to initiate the password reset process. The summary of the process for updating or resetting the password is the same, ensuring a consistent and secure user experience.
🌐 Implementing a User-Friendly Authentication System
Team Parakram aims to implement this graphical password authentication system to simplify the authentication process, making it more accessible and secure for all users. The system is designed with a user-friendly flow and incorporates the most secure encryption and hashing algorithms to protect against brute force and dictionary attacks. The team thanks the audience for their attention and looks forward to making the authentication process easier with this innovative solution.
Keywords
💡Graphical Password
💡Authentication
💡SHA-256
💡AES-256
💡Two-Factor Authentication
💡Colorblind Users
💡Image Pool
💡Password Hashing
💡Cloud Storage
💡OTP
💡Brute Force Attack
Highlights
Team Parakram introduces a graphical password authentication system to address the limitations of traditional text-based passwords.
Graphical passwords are proposed as an alternative because images are easier to remember than text.
The system includes a registration process requiring user details such as name, email, and mobile number.
A color selection feature is implemented to accommodate colorblind users.
Images are filtered by user-selected colors and categorized for easier memorization.
Users can choose from multiple categories to create a sequence of images that function as their password.
The selected images are hashed using the SHA-256 algorithm and encrypted with AES-256 before storage.
A login process is described where users can authenticate with their graphical password.
The system checks for user existence and prompts for mobile number entry during login.
A grid of password images and random images is displayed for the user to select in their password sequence.
Authentication involves decrypting the stored password and verifying it against the user's selection.
Users are allowed three login attempts, after which they receive an email notification to update their password.
Two-factor authentication is used for password updates to ensure security.
A 'forgot password' feature is available, triggering an email to reset the password.
The system aims to prevent data breaches by using secure encryption and hashing algorithms.
The graphical password authentication system is designed to be user-friendly and practical for internet authentication.
The team plans to implement this system to simplify the authentication process.
The presentation concludes with a thank you note, emphasizing the team's commitment to improving authentication methods.
Transcripts
hello everyone we are team parakram we
have chosen graphical password
authentication given by aicte as our
problem statement from the domain bucket
blockchain and cyber security
a password is needed to authenticate a
user to access content on the internet
traditional text-based passwords either
tend to be too easy which makes them
easy to guess or difficult which makes
them hard to remember
we present a graphical password
authentication system that takes
advantage of the fact that images are
easier to remember than text
first the user has to register with the
system details like name email id and
mobile number are required to identify a
user
then the user has to select a color
option provided in the form of radio
buttons
this feature has been included so that
colorblind users also can use this
method with ease
after selecting the color a filter is
applied to all the images in the image
pool
these images are categorized and the
categories are displayed to the user the
user can then choose categories that
they can easily remember and select a
sequence of images that serve as the
password
we have provided the option to select
images from different categories so that
the password can be more protected
this password is hashed using the
sha256 algorithm encrypted using aes256
algorithm and then stored in the cloud
when the user wants to sign in from a
website they can click on a button to
sign in using the graphical password
they are prompted to enter the mobile
number if the user does not exist a
prompt is displayed to let the user know
and redirect to registration
otherwise based on the mobile number the
color and categories are fetched from
the database a grid is then populated
with the password images and a set of
random images from the categories the
user has chosen the user then has to
select the images in the sequence of
their password
the encrypted password is fetched from the
database and decrypted the entered
password is hashed and verified against
the decrypted password
if the password matches the user is
authenticated and redirected back to the
website
a user is allowed up to three attempts
to sign in if the attempts exceed 3 the
user is notified through email to update
their password
the user has to enter their mobile
number an otp received on the registered
mobile number or email id and can then
proceed to choose a new password
we are using two-factor authentication
to ensure that only the user can update
the password and not anybody else
there is also a forgot password feature
that the user can access during login
when this option is used an email is
sent to the user to reset their password
the next steps are the same as the
process to update the password
to prevent a data breach we use the most
secure encryption and hashing algorithms
which makes brute force and dictionary
attacks almost impossible with a
user-friendly flow we plan to implement
this graphical password authentication
system so that it can make the entire
process of authentication much easier
thank you