CN112650998A - Graph authentication method based on implicit login indicator transmission - Google Patents


Info

Publication number
CN112650998A
Authority
CN
China
Prior art keywords
user
login
password
beads
password disk
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011545469.5A
Other languages
Chinese (zh)
Other versions
CN112650998B (en)
Inventor
方黎明
李阳
恽昕宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing University of Aeronautics and Astronautics
Original Assignee
Nanjing University of Aeronautics and Astronautics
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing University of Aeronautics and Astronautics
Priority to CN202011545469.5A
Publication of CN112650998A
Application granted
Publication of CN112650998B
Legal status: Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G06F21/445 Program or device authentication by mutual authentication, e.g. between devices or programs
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a graph authentication method based on implicit login indicator transmission. During registration, the user selects, on the password disk provided by the scheme, two beads and two area positions, and these are recorded in order as the password. In the login stage, the system randomly fills login indicators, whose contents are letters and digits, into the 36 beads; the user must read the login indicators from the beads he or she selected and bring them, in the correct order, into the area positions he or she selected in order to complete unlocking. Because both the transfer of the login indicator by the bead and the user's matching of the login indicator to the area position are implicit, and the user's password cannot be deduced through observation, the method can resist attacks such as shoulder surfing attacks, smudge attacks and screen recording attacks.

Description

Graph authentication method based on implicit login indicator transmission
Technical Field
The invention relates to a graph authentication method based on implicit login indicator transmission, belonging to the technical field of information security.
Background
With the rapid development of the internet technology, various intelligent devices are connected through the internet, and various convenient functions such as automatic data reporting, remote access, remote control management and the like are realized by using the convenience of information transmission through the internet.
Many Internet of Things and mobile devices are unattended most of the time, so a user must manage and control the device remotely over a network, or the device must share the information it collects with a particular user. Most of this information has privacy attributes, so rights management and authentication are very important. Researchers have made enormous efforts in studying authentication mechanisms to prevent them from being broken by different attacks. However, new and very diverse attack approaches keep being proposed. The emergence of shoulder surfing attacks and smudge attacks makes the widely used traditional login authentication schemes increasingly easy to break, threatening the security of users' private data.
Among earlier login authentication methods, login using numbers or letters (PINs) has been widely adopted because it is convenient to operate and resists brute force attacks well. But a simple text password offers low security, while a strong text password places a considerable memory burden on the user and often leads to password reuse. Researchers have proposed graph-based passwords to address this problem. Although such a password is easy to remember, it is vulnerable to shoulder surfing. In a popular graphical password scheme, the trace that the user leaves on the screen each time is traceable and easily analyzed, so it cannot resist smudge attacks either. Some researchers have proposed solutions to these attacks, but these suffer from poor portability (for example, users need additional devices such as earphones when logging in) and limited usage scenarios. Later, authentication schemes based on biometric identification, such as fingerprint recognition and face recognition, were proposed, but recent reports state that they have all been cracked, which means that they cannot effectively protect users' privacy. A new authentication scheme that resists these various attacks and has good usability is therefore needed.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a method that can resist the privacy threats posed to users by shoulder surfing attacks, smudge attacks and screen recording attacks, and that ensures the user's security while logging in to the device.
The invention adopts the following technical scheme for solving the technical problems:
A graphic authentication method based on implicit login indicator transmission comprises a registration stage and a login stage.
The registration stage comprises the following steps:
Step 1: during registration, the user inputs a user name or a mobile phone number to establish an account;
Step 2: the user chooses to set the password on either the initial preset password disk or a user-defined password disk; the initial preset password disk comprises an inner ring and an outer ring, each containing 18 spherical beads; the inner ring beads correspond one to one with the outer ring beads, and an inner ring bead together with its corresponding outer ring bead defines an area; the 36 beads of the two rings are colored using 9 different colors, i.e., every 4 beads share one color; the user-defined password disk is a new password disk formed when the user, starting from the initial preset password disk, drags inner ring or outer ring beads to change their positions on the password disk;
Step 3: on the initial preset or user-defined password disk, the user selects bead1 and bead2 in sequence and remembers their selection order and positions, which are recorded as user password 1;
Step 4: on the same password disk as used in step 3, the user selects area1 and area2 in sequence and remembers their selection order and positions, which are recorded as user password 2;
Step 5: user password 1 and user password 2 are mapped to the account established in step 1, and registration is complete.
The login stage comprises the following steps:
Step 6: the user inputs the account established in the registration stage;
Step 7: the system displays login interface 1, i.e., the password disk corresponding to login interface 1, and randomly fills the 10 digits 0-9 and the 26 letters A-Z into the 36 beads of the password disk;
Step 8: the user observes login interface 1 and, according to the positions of bead1 and bead2 selected in step 3, reads in order the valid login indicators at those positions, which are recorded as b1 and b2;
Step 9: the system displays login interface 2, i.e., the password disk corresponding to login interface 2, and again randomly fills the 10 digits 0-9 and the 26 letters A-Z into the 36 beads of the password disk; by rotating the password disk, the user in turn rotates the bead holding valid login indicator b1 into area1 and the bead holding valid login indicator b2 into area2;
Step 10: the system checks whether the valid login indicators correspond one to one with the areas of the user's password; if so, the login succeeds, otherwise the login fails.
As a preferred scheme of the present invention, in step 1, the user inputs a user name or a mobile phone number and the system checks whether it already exists; if it does, the user is required to input a valid user name or mobile phone number again; if it does not, an account is established with that user name or mobile phone number.
As a preferred scheme of the present invention, in step 6, the user inputs a user name or a mobile phone number, the system detects whether the user name or the mobile phone number exists, if not, an error prompt is given to request the user to input the user name again, and if so, the login process continues.
As a preferred solution of the present invention, in step 7, the system displays the login interface 1, that is, the password disk corresponding to the login interface 1, and randomly fills a login indicator for the bead on the password disk, where the login indicator includes letters and numbers, and the password disk corresponding to the login interface 1 is fixed and immovable, and is used for the user to statically observe and implicitly obtain a valid login indicator delivered by the system.
As a preferred scheme of the present invention, in step 9, the system displays login interface 2 and the user rotates the corresponding password disk by sliding; the inner ring and the outer ring can each rotate independently. The system again randomly fills the beads on the password disk with letters or digits and the bead order is again displayed at random; using the valid login indicators obtained in step 7, the user rotates the password disk so that the beads holding the valid login indicators are brought, in the correct order, into the areas selected as the password.
As a preferred scheme of the present invention, in step 10, the system detects whether the area of the user as the password corresponds to the valid login indicator one to one, if so, the login is successful, if none or only one group corresponds, the login is failed, and the step returns to step 8; if the user fails more than 5 times continuously, the user is locked, and the login operation cannot be performed again within 12 hours.
Compared with the prior art, the invention adopting the technical scheme has the following technical effects:
1. The beads and areas that serve as the user's password are known only to the user, and the user does not expose them when performing the login authentication operation, because the password disk is a single whole and all of its beads rotate when the user operates it. To an attacker who relies on shoulder surfing, a large number of possible situations (passwords) appear, so the attacker cannot effectively infer the password.
2. The login indicator is randomly generated by the system and changes at every login authentication, so that an attacker cannot deduce the login indicator through orientation in order to break the password.
3. When the login indicator is transmitted, only the value in the user-selected bead can be used as the valid value of the login authentication certificate, and the other beads used as non-user passwords are still filled in by the system, but are all invalid. Thus, a shoulder-surfing attacker cannot distinguish which bead is the password, so that a correct and effective login indicator cannot be deduced, and the aim of implicit transmission is fulfilled.
4. The invention simultaneously overcomes the defects of easy attack and difficult memory of the traditional text password and the traditional graphic password, supports the arrangement mode of the user-defined password disk and the bead, and has rich diversity and higher safety.
Drawings
Fig. 1 is a flow chart of the user registration phase of the present invention.
FIG. 2 is a flow chart of the user login phase of the present invention.
FIG. 3 is an overview of the user interaction with the system of the present invention.
FIG. 4 is a schematic diagram of a custom bead interface, a registration stage 1, and a registration stage 2 in the embodiment.
Fig. 5 is a schematic diagram of login phase 1 in the embodiment.
Fig. 6 is a schematic diagram of the initial state of the login interface 2 in the embodiment.
Fig. 7 is a schematic diagram of login interface 2 after being operated by a user in the embodiment.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings. The embodiments described below with reference to the accompanying drawings are illustrative only for the purpose of explaining the present invention, and are not to be construed as limiting the present invention.
The invention provides a graph login authentication method based on implicit login indicator transmission. During registration, on the password disk provided by the scheme, the user selects two beads (there are 36 beads in total, all spherical and of different colors) and two area positions (the password disk is divided radially into 18 areas in total; an inner ring bead together with an outer ring bead is called an area), and these are recorded in order as the password. In the login stage, the system randomly fills login indicators, whose contents are letters and digits, into the 36 beads; the user must read the login indicators from the beads he or she selected and bring them, in the correct order, into the area positions he or she selected in order to complete unlocking. Because both the transfer of the login indicator by the bead and the user's matching of the login indicator to the area position are implicit, the user's password cannot be deduced through observation, and the purpose of protecting the user's privacy is achieved.
As shown in fig. 1 and fig. 2, the specific steps are as follows:
Step 1: when registering, the user inputs a user name or a mobile phone number to establish an account;
Step 2: the user customizes a password disk or uses the password disk initially preset by the system;
Step 3: the system displays a bead selection interface, and the user selects two specific beads, which are recorded as the user's Location1 password;
Step 4: the system displays an area selection interface, and the user selects two areas, which are recorded as the Location2 password;
Step 5: the system records and stores the user's two password segments, maps them to the user name, and registration is complete;
Step 6: in the login authentication stage, the user first inputs a user name, or the system uses a default user;
Step 7: authentication phase 1: the system displays login interface 1 and implicitly provides the login indicators;
Step 8: the user observes login interface 1 and extracts the valid login indicators;
Step 9: authentication phase 2: the system displays login interface 2, and the user must rotate the password disk so that the beads holding the valid login indicators are brought, in order, into the areas selected as the password;
Step 10: when the system detects that the login indicators correctly correspond to the user's password, the login is completed; otherwise the login fails.
In step 1, the user inputs a user name UserName, the system detects whether the user name already exists, if yes, the user is required to input a valid user name again, and if not, step 2 can be entered.
In step 2, the system presents the password disk in a customization interface. The user can select the initial preset, or can define the arrangement of the beads on the password disk by dragging them on the screen; at this stage the beads can be dragged with a finger to change their positions.
In step 3, the system displays a bead selection interface, wherein the state of the password disk in the interface is the password disk style selected by the user in step 2; the user selects two specific beads 1 and 2 in sequence, which are marked as user password 1, and the position and the selection sequence of the two specific beads 1 and 2 need to be remembered as passwords by the user.
In step 4, the system displays an area selection interface, the state of the password disk is the same as that of the previous step, and the user selects two areas area1 and area2, which are marked as user password 2.
In step 5, the system stores { UserName, bead1, bead2, area1, area2} in the database, and the user registration is complete.
In step 6, the user inputs a user name UserName, the system detects whether the user name exists, if not, an error prompt is given to request the user to input the user name again, and if so, the login process continues.
In step 7, the system displays login interface 1 and randomly fills the beads on the password disk with login indicators, which consist of letters or digits; at this stage the password disk is fixed and cannot be moved, and the user can only observe it statically and implicitly acquire the login indicators transmitted by the system.
In step 8, the user observes the interface and, according to the beads selected as the password and their order, reads the value (which may be a digit or a letter) in each of those beads; these values are the valid login indicators. After finishing the observation, the user clicks 'next' to proceed to the next step.
In step 9, the system displays login interface 2. At this stage the user can rotate the password disk as a whole by sliding on the screen, and the outer ring and the inner ring can each also rotate independently. The system again randomly fills the beads with alphanumeric characters and the bead order is again displayed at random. Using the login indicators obtained in the previous stage, the user rotates the password disk so that the beads holding the valid login indicators are brought, in the correct order, into the areas selected as the password. Because an area comprises both an inner ring position and an outer ring position, the bead carrying a login indicator can be rotated into the target area whether it was refreshed into the inner ring or the outer ring.
In step 10, the system detects whether the area of the user as the password corresponds to the valid login indicator one by one, if so, the login is successful, if none or only one group of the area corresponds to the valid login indicator, the login fails, and the process returns to step 8. If the user fails more than 5 times continuously, the user is locked, and the login operation can not be performed again within 12 hours.
The following is a detailed description of registration and login with reference to the examples:
Step one: Display the initial custom bead interface. Fig. 1 is the initial password disk interface, in which the user can drag beads to change their arrangement and so customize the password disk. In this example, the initial preset is selected (i.e., the password disk shown in FIG. 4).
Step two: Registration phase 1. At this stage, the user needs to select two beads in order (denoted Location1). In the example, the system provides the user with the password disk shown in FIG. 1, and the user selects the bead with "K" and the bead with "5", in that order, as the user's Location1 password.
Step three: Registration phase 2. At this stage, the user needs to select two areas in order (denoted Location2). In the example, the system still provides the user with the password disk shown in FIG. 4, and the user selects the area of "8, Q" and the area of "Z, H", in that order, as the user's Location2 password. The registration process is now complete: the system records the full Location1 password and Location2 password selected by the user and maps them to the user's user name.
Step four: Login phase 1. The system provides the user with the interface shown in fig. 5, which is login interface 1. The system randomly fills the beads with login indicators, but only the login indicators loaded in the two beads selected by the user are valid login indicators that can be used for the login operation of the next stage. In the example, the valid two-character login indicator that the system passes to the user is "8, T". Note that the two-character login indicator is ordered: the login indicator is "8, T" rather than "T, 8", following the order in which the user selected the beads. At this point the user has extracted the login indicator transferred by the system by observing login interface 1, and the implicit transfer of the two-character valid login indicator is complete.
From the attacker's perspective, however, it is not known which of the beads are loaded with a valid login indicator.
Step five: Login phase 2. The system displays login interface 2 to the user, as shown in fig. 6. The beads of the password disk are shuffled and the system randomly fills each bead with an alphanumeric character. The user must rotate the password disk so that the beads holding the valid login indicators are rotated, in order, into the two areas selected by the user, namely the Location2 password. In the example, the user turns the bead with "8" into the area in the lower left corner and turns the bead with "T" into the area in the upper right corner, as highlighted in FIG. 7.
Step six: The system checks whether the valid login indicators correctly correspond to the areas (Location2 password) selected by the user. At this point, the user in the example has completed unlocking. However, from an attacker's point of view, it cannot be guessed which of the areas loaded with a valid challenge value form the user's true password. The user has thus completed an implicit login operation. A schematic diagram of the user interaction with the system is shown in fig. 3.
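A minimal server-side model of steps 5 to 10, added here as an illustration; it is not code from the patent. Assumptions: a bead is a hypothetical (ring, slot) tuple, areas are fixed screen sectors numbered 0 to 17, the user confirms each of the two placements so the server receives two rotation snapshots, and "more than 5" consecutive failures is read as locking on the sixth; `Verifier` and `honest_user` are names chosen for this sketch.

```python
import secrets
import string
import time

ALPHABET = string.digits + string.ascii_uppercase  # 10 digits + 26 letters = 36 indicators
RING = 18                                          # beads per ring, and number of areas
MAX_FAILURES = 5                                   # lock once consecutive failures exceed this
LOCK_SECONDS = 12 * 3600
_rng = secrets.SystemRandom()                      # CSPRNG, so fills cannot be predicted


def random_fill():
    """Map every bead slot (ring, index) to a distinct character (steps 7 and 9)."""
    chars = list(ALPHABET)
    _rng.shuffle(chars)
    slots = [(ring, i) for ring in ("inner", "outer") for i in range(RING)]
    return dict(zip(slots, chars))


def area_contents(fill, area, offsets):
    """Characters inside a fixed screen area once each ring is rotated by its offset."""
    inner_off, outer_off = offsets
    return {fill[("inner", (area - inner_off) % RING)],
            fill[("outer", (area - outer_off) % RING)]}


class Verifier:
    def __init__(self, clock=time.time):
        self.accounts = {}
        self.clock = clock

    def register(self, user, beads, areas):
        """Step 5: store {UserName, bead1, bead2, area1, area2}."""
        if user in self.accounts:
            raise ValueError("user name already exists")
        self.accounts[user] = {"beads": tuple(beads), "areas": tuple(areas),
                               "failures": 0, "locked_until": 0.0}

    def begin_login(self, user):
        """Steps 6, 7 and 9: two independent random fills for the two interfaces."""
        acct = self.accounts.get(user)
        if acct is None:
            raise LookupError("unknown user")
        if self.clock() < acct["locked_until"]:
            raise PermissionError("account locked")
        return {"user": user, "fill1": random_fill(), "fill2": random_fill(),
                "used": False}

    def finish_login(self, session, commits):
        """Step 10. commits: two (inner_offset, outer_offset) snapshots, in order."""
        acct = self.accounts[session["user"]]
        if session["used"] or self.clock() < acct["locked_until"]:
            return False                    # a challenge is single-use: replays are refused
        session["used"] = True
        ok = len(commits) == 2
        for bead, area, offsets in zip(acct["beads"], acct["areas"], commits):
            indicator = session["fill1"][bead]       # b1 / b2 as shown on interface 1
            ok = ok and indicator in area_contents(session["fill2"], area, offsets)
        if ok:
            acct["failures"] = 0
            return True
        acct["failures"] += 1
        if acct["failures"] > MAX_FAILURES:
            acct["locked_until"] = self.clock() + LOCK_SECONDS
            acct["failures"] = 0
        return False


def honest_user(session, beads, areas):
    """What the legitimate user does by eye (step 8) and by rotating (step 9)."""
    offsets = {"inner": 0, "outer": 0}
    where = {ch: slot for slot, ch in session["fill2"].items()}
    commits = []
    for bead, area in zip(beads, areas):
        ring, index = where[session["fill1"][bead]]  # find the indicator on interface 2
        offsets[ring] = (area - index) % RING        # rotate only the ring that holds it
        commits.append((offsets["inner"], offsets["outer"]))
    return commits
```

Only ring offsets cross from client to server in this model, so neither the chosen beads nor the chosen areas are ever named in the submitted data.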
The above embodiments are only for illustrating the technical idea of the present invention, and the protection scope of the present invention is not limited thereby, and any modifications made on the basis of the technical scheme according to the technical idea of the present invention fall within the protection scope of the present invention.

Claims (6)

1. A graphic authentication method based on implicit login indicator transmission is characterized by comprising a registration stage and a login stage;
wherein the registration phase comprises the following steps:
step 1, during registration, a user inputs a user name or a mobile phone number to establish an account;
step 2, the user chooses to set the password on either an initial preset password disk or a user-defined password disk; the initial preset password disk comprises an inner ring and an outer ring, each containing 18 spherical beads; the inner ring beads correspond one to one with the outer ring beads, and an inner ring bead together with its corresponding outer ring bead defines an area; the 36 beads of the inner ring and the outer ring are colored using 9 different colors, i.e., every 4 beads share one color; the user-defined password disk is a new password disk formed when the user, starting from the initial preset password disk, drags an inner ring bead or an outer ring bead to change its position on the password disk;
step 3, on the initial preset password disk or the user-defined password disk, the user selects bead1 and bead2 in sequence and remembers their selection order and positions, which are recorded as user password 1;
step 4, on the same password disk as used in step 3, the user selects area1 and area2 in sequence and remembers their selection order and positions, which are recorded as user password 2;
step 5, user password 1 and user password 2 are mapped to the account established in step 1, and the registration is finished;
the login phase comprises the following steps:
step 6, the user inputs the account established in the registration phase;
step 7, the system displays login interface 1, i.e., the password disk corresponding to login interface 1, and randomly fills the 10 digits 0-9 and the 26 letters A-Z into the 36 beads of the password disk;
step 8, the user observes login interface 1 and, according to the positions of bead1 and bead2 selected in step 3, reads in order the valid login indicators at those positions, which are recorded as b1 and b2;
step 9, the system displays login interface 2, i.e., the password disk corresponding to login interface 2, and again randomly fills the 10 digits 0-9 and the 26 letters A-Z into the 36 beads of the password disk; by rotating the password disk, the user in turn rotates the bead holding valid login indicator b1 into area1 and the bead holding valid login indicator b2 into area2;
step 10, the system checks whether the valid login indicators correspond one to one with the areas of the user's password; if so, the login succeeds, otherwise the login fails.
2. The graphic authentication method based on implicit login indicator transmission according to claim 1, wherein in step 1, the user inputs a user name or a mobile phone number, the system detects whether the user name or the mobile phone number already exists, and if yes, the user is required to input a valid user name or a valid mobile phone number again; if the user name or the mobile phone number does not exist, an account is established by the user name or the mobile phone number.
3. The graphic authentication method based on implicit login indicator transmission as claimed in claim 1, wherein in step 6, the user inputs a user name or a mobile phone number, the system detects whether the user name or the mobile phone number exists, if not, an error prompt is given to require the user to input the user name again, and if so, the login process continues.
4. The graphical authentication method based on implicit login indicator delivery according to claim 1, wherein in the step 7, the system displays the login interface 1, i.e. the password disk corresponding to the login interface 1, and randomly fills the login indicator for the bead on the password disk, wherein the login indicator comprises letters and numbers, and the password disk corresponding to the login interface 1 is fixed and immovable, so that the user can statically observe and implicitly obtain the valid login indicator delivered by the system.
5. The graphical authentication method based on implicit login indicator transmission according to claim 1, wherein in the step 9, the system displays the login interface 2, the user rotates the password disk corresponding to the login interface 2 by sliding, the inner ring and the outer ring both rotate independently, the system randomly fills letters or numbers into the beads on the password disk again, the bead sequence is randomly displayed again, and the user corresponds the beads where the valid login indicators are located to the area selected as the password by the user according to the valid login indicators obtained in the step 7 by rotating the password disk in the correct sequence.
6. The graphical authentication method based on implicit login indicator delivery according to claim 1, wherein in the step 10, the system detects whether the area of the user as the password corresponds to the valid login indicator one-to-one, if so, the login is successful, if none or only one group of the areas corresponds, the login is failed, and the step returns to the step 8; if the user fails more than 5 times continuously, the user is locked, and the login operation cannot be performed again within 12 hours.
CN202011545469.5A 2020-12-24 2020-12-24 Graphic authentication method based on implicit login indicator transfer Active CN112650998B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011545469.5A CN112650998B (en) 2020-12-24 2020-12-24 Graphic authentication method based on implicit login indicator transfer

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011545469.5A CN112650998B (en) 2020-12-24 2020-12-24 Graphic authentication method based on implicit login indicator transfer

Publications (2)

Publication Number Publication Date
CN112650998A true CN112650998A (en) 2021-04-13
CN112650998B CN112650998B (en) 2024-02-20

Family

ID=75359786

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011545469.5A Active CN112650998B (en) 2020-12-24 2020-12-24 Graphic authentication method based on implicit login indicator transfer

Country Status (1)

Country Link
CN (1) CN112650998B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140053254A1 (en) * 2012-08-17 2014-02-20 Industrial Technology Research Institute Graphical authentication system and method for anti-shoulder surfing attack
CN111143812A (en) * 2019-11-15 2020-05-12 南京航空航天大学 Login authentication method based on graph

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
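李阳: "Research and Design of an Identity Authentication Scheme for Mobile Platforms Resistant to Multiple Attacks", China Master's Theses Full-text Database, Information Science and Technology *
龙勇; 蔡昌许; 蔡昌曙: "A Login Security Solution", Computer Knowledge and Technology, no. 35 *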

Also Published As

Publication number Publication date
CN112650998B (en) 2024-02-20

Similar Documents

Publication Publication Date Title
CA2689853C (en) Secure access by a user to a resource
US7409705B2 (en) System and method for user authentication
Kwon et al. TinyLock: Affordable defense against smudge attacks on smartphone pattern lock systems
US20100199100A1 (en) Secure Access by a User to a Resource
US8495732B2 (en) Entering an identifier with security improved by time based randomization of input steps
Bianchi et al. PassBYOP: bring your own picture for securing graphical passwords
US20120011370A1 (en) Personal identification code entry device and method therefor
WO2007098569A1 (en) Method and system for securing interface access via visual array paths in combination with hidden operators
CN104834840B (en) Cipher code protection method based on mapping drift technology
Islam et al. Prevention of shoulder-surfing attacks using shifting condition using digraph substitution rules
CN111460536B (en) Password verification method and device, storage medium and electronic equipment
CN111143812B (en) Login authentication method based on graphics
Islam et al. A review on recognition-based graphical password techniques
Ho et al. Preventing Shoulder‐Surfing Attack with the Concept of Concealing the Password Objects’ Information
CN104966014B (en) The encryption method and encryption device of terminal, the decryption method of terminal and decryption device
US7689831B2 (en) Method and system for securing interface access via visual array paths in combination with hidden operators
CN112650998A (en) Graph authentication method based on implicit login indicator transmission
KR100927280B1 (en) How to prevent secure string exposure using fake rounds
Salman et al. A graphical PIN entry system with shoulder surfing resistance
Ku et al. A simple sector-based textual-graphical password scheme with resistance to login-recording attacks
Dias et al. Deep learning based graphical password authentication approach against shoulder-surfing attacks
Yang et al. TIM: Secure and usable authentication for smartphones
KR20080011362A (en) Method for hacking protection of gotp
Ku et al. A sector-based graphical password scheme with resistance to login-recording attacks
Kita et al. A proposal and implementation of the shoulder-surfing attack resistant authentication method using two shift functions

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant