Restricting shoulder surfing: a modified graphical password Technique

Document Type: Research Paper


Department of Master of Application, Jain Deemed to-be University, Jayanagar, Bengaluru, Karnataka, India.


Graphical passwords are the ways in which user click on the image or user can select the image to authenticate themselves instead of giving passwords. This technique is more secure that textual password techniques. In this article, the shoulder surfing preventive mechanism of graphical password authentication is given. Finally the login password system is proposed to deal with such type of problems. First time, we are introducing a modified approach is given to resolve the shoulder surfing based on recall and recognition based concepts. Usually it is seen that the most common vulnerability of graphical password is shoulder surfing attack. This research aims to analyze the usability feature of recognition based and recall based graphical password methods and present a technique to apply an image based password that is safe from the shoulder surfing attack. In the similar context, the purpose of this paper is to present an alternative way to apply the recall and recognition based technique that will be protective for guess through shoulder surfing. And this graphical technique will be easy to memories the authentication password and process of authentication.


Main Subjects

[1]      Xu, X. (2012). From cloud computing to cloud manufacturing. Robotics and computer-integrated manufacturing28(1), 75-86.

[2]      MOHAPATRA, H. (2009). HCR using neural network (PhD’s Desertion, Biju Patnaik University of Technology).

[3]      Mohapatra, H., & Rath, A. K. (2019). Detection and avoidance of water loss through municipality taps in India by using smart taps and ICT. IET wireless sensor systems9(6), 447-457.

[4]      Mohapatra, H., & Rath, A. K. (2019). Fault tolerance in WSN through PE-LEACH protocol. IET wireless sensor systems9(6), 358-365.

[5]      Mohapatra, H., Debnath, S., & Rath, A. K. (2019). Energy management in wireless sensor network through EB-LEACH (No. 1192). EasyChair.

[6]      Nirgude, V., Nirgude, V., Mohapatra, H., & Shivarkar, S. (2017). Face recognition system using principal component analysis & linear discriminant analysis method simultaneously with 3d morphable model and neural network BPNN method. Global journal of advanced engineering technologies and sciences, 4. 1-6.

[7]      Panda, M., Pradhan, P., Mohapatra, H., & Barpanda, N. (2019). Fault tolerant routing in heterogeneous environment. International journal of scientific & technology research, 8(8). 1009-1013.

[8]      Mohapatra, H., & Rath, A. K. (2019). Fault-tolerant mechanism for wireless sensor network. IET wireless sensor systems, 10(1), 23-30. DOI: 10.1049/iet-wss.2019.0106

[9]      Swain, D., Ramkrishna, G., Mahapatra, H., Patr, P., & Dhandrao, P. M. (2013). A novel sorting technique to sort elements in ascending order. International journal of engineering and advanced technology3(1), 212-126.

[10]   Haenlein, M., & Kaplan, A. (2019). A brief history of artificial intelligence: On the past, present, and future of artificial intelligence. California management review61(4), 5-14.

[11]   Zheng, H., Liu, D., Wang, J., & Liang, J. (2019). A QoE-perceived screen updates transmission scheme in desktop virtualization environment. Multimedia tools and applications78(12), 16755-16781.

[12]   Broumi, S., Dey, A., Talea, M., Bakali, A., Smarandache, F., Nagarajan, D., ... & Kumar, R. (2019). Shortest path problem using Bellman algorithm under neutrosophic environment. Complex & intelligent systems5(4), 409-416.

[13]   Kumar, R., Edalatpanah, S. A., Jha, S., Broumi, S., Singh, R., & Dey, A. (2019). A multi objective programming approach to solve integer valued neutrosophic shortest path problems. Neutrosophic sets and systems24, 134-149.

[14]   Kumar, R., Dey, A., Broumi, S., & Smarandache, F. (2020). A study of neutrosophic shortest path problem. In neutrosophic graph theory and algorithms (pp. 148-179). IGI Global.

[15]   Kumar, R., Edalatpanah, S. A., Jha, S., & Singh, R. (2019). A novel approach to solve gaussian valued neutrosophic shortest path problems. Infinite study.

[16]   Kumar, R., Edalatpanah, S. A., Jha, S., Gayen, S., & Singh, R. (2019). Shortest path problems using fuzzy weighted arc length. International journal of innovative technology and exploring engineering8, 724-731.

[17]   Kumar, R., Edaltpanah, S. A., Jha, S., & Broumi, S. (2018). Neutrosophic shortest path problem. Neutrosophic sets and systems23(1), 2.

[18]   Kumar, R., Jha, S., & Singh, R. (2020). A different approach for solving the shortest path problem under mixed fuzzy environment. International journal of fuzzy system applications (IJFSA)9(2), 132-161.

[19]   Kumar, R., Jha, S., & Singh, R. (2017). Shortest path problem in network with type-2 triangular fuzzy arc length. Journal of applied research on industrial engineering4(1), 1-7.

[20]   Kumar, R., Edalatpanah, S. A., Jha, S., & Singh, R. (2019). A Pythagorean fuzzy approach to the transportation problem. Complex & intelligent systems5(2), 255-263.

[21]   Smarandache, F., & Broumi, S. (Eds.). (2019). Neutrosophic graph theory and algorithms. Engineering science reference.

[22]   Sakhnini, J., Karimipour, H., Dehghantanha, A., Parizi, R. M., & Srivastava, G. (In Press). Security aspects of Internet of things aided smart grids: a bibliometric survey. Internet of things.

[23]   Gayen, S., Smarandache, F., Jha, S., & Kumar, R. (2019). Interval-valued neutrosophic subgroup based on interval-valued triple t-norm. In M. Abdel-Basset and F. Smarandache (Eds.), Neutrosophic sets in decision analysis and operations research. IGI-Global.

[24]   Gayen, S., Smarandache, F., Jha, S., Singh, M. K., Broumi, S., & Kumar, R. (2020). Introduction to Plithogenic subgroup. Neutrosophic graph theory and algorithms (pp. 213-259). IGI Global.

[25]   Umer Shuaib, M. S. (2019). On Some properties of o-anti fuzzy subgroups. Computer science14(1), 215-230.

[26]   Gayen, S., Jha, S., Singh, M., & Kumar, R. (2019). On a generalized notion of anti-fuzzy subgroup and some characterizations. International journal of engineering and advanced technology (IJEAT), 8(3), 385-390.

[27]   Kumar, S. S., Khalkho, A., Agarwal, S., Prakash, S., Prasad, D., & Nath, V. (2019). Design of smart security systems for home automation. Nanoelectronics, circuits and communication systems (pp. 599-604). Singapore: Springer.

[28]   Philip, J., & Shah, D. (2019). Implementing signature recognition system as SaaS on microsoft azure cloud. In Data management, analytics and innovation (pp. 479-488). Singapore: Springer.

[29]   Costa, P., Montenegro, R., Pereira, T., & Pinto, P. (2019). The security challenges emerging from the technological developments. Mobile networks and applications24(6), 2032-2037.

[30]   Tanimoto, S., Takahashi, Y., Takeishi, A., Wangyal, S., Dechen, T., Sato, H., & Kanai, A. (2019, September). Concept proposal of multi-layer defense security countermeasures based on dynamic reconfiguration multi-perimeter lines. International conference on network-based information systems (pp. 413-422). Cham: Springer.

[31]   Wen, T., Ge, Q., Lyu, X., Chen, L., Constantinou, C., Roberts, C., & Cai, B. (In Press). A cost-effective wireless network migration planning method supporting high-security enabled railway data communication systems. Journal of the franklin institute.

[32]   Almulhem, A. (2011, February). A graphical password authentication system. 2011 world congress on internet security (WorldCIS-2011) (pp. 223-225). IEEE.

[33]   Wiedenbeck, S., Waters, J., Birget, J. C., Brodskiy, A., & Memon, N. (2005, July). Authentication using graphical passwords: Effects of tolerance and image choice. Proceedings of the 2005 symposium on usable privacy and security (pp. 1-12).

[34]   Lashkari, A. H., Farmand, S., Zakaria, D., Bin, O., & Saleh, D. (2009). Shoulder surfing attack in graphical password authentication. International journal of computer science and information security, 6(2), 145-154.

[35]   Gokhale A., & Waghmare, V. (2016). The recognition and recall approach based graphical password technique, International journal of computer applications, 975, 8887.

[36]   Dhamija, R., & Perrig, A. (2000, August). Deja Vu-A User Study: Using Images for authentication. Proceedings of the 9th USENIX security symposium (Vol. 9, pp. 4-4).  Denver, Colorado, USA.

[37]   Sun, H. M., Chen, S. T., Yeh, J. H., & Cheng, C. Y. (2016). A shoulder surfing resistant graphical authentication system. IEEE transactions on dependable and secure computing15(2), 180-193.

[38]   Man, Sh., Hong, D., & Matthews, M. (2003). A shoulder-surfing resistant graphical password scheme - WIW. Proceedings of international conference on security and management. (pp.105-111).  LasVegas, Nevada, USA: CSREA Press.

[39]   Jansen, W. (2004). Authenticating mobile device users through image selection. In K. Motgan (Ed), the internet society: advances in learning, commerce and security. WIT Press.

[40]   Edited By: K. MORGAN, University of Bergen, Norway and J.M. SPECTOR, Syracuse University, USA

[41]    WIT transactions on information and communication technologies30.

[42]   Takada, T., & Koike, H. (2003, September). Awase-E: image-based authentication for mobile phones using user’s favorite images. International conference on mobile human-computer interaction (pp. 347-351). Berlin, Heidelberg: Springer.

[43]   Eljetlawi, A. M. (2010, May). Graphical password: existing recognition base graphical password usability. INC2010: 6th international conference on networked computing (pp. 1-5). IEEE.

[44]   Blonder, G. E. (1996). U.S. Patent No. 5,559,961. Washington, DC: U.S. Patent and Trademark Office.

[45]   Syukri, A. F., Okamoto, E., & Mambo, M. (1998, July). A user identification system using signature written with mouse. Australasian conference on information security and privacy (pp. 403-414). Berlin, Heidelberg: Springer.

[46]   Varenhorst, C., Kleek, M. V., & Rudolph, L. (2004). Passdoodles: A lightweight authentication method. Research science institute. Retrieved from

[47]   Wiedenbeck, S., Waters, J., Birget, J. C., Brodskiy, A., & Memon, N. (2005). PassPoints: Design and longitudinal evaluation of a graphical password system. International journal of human-computer studies63(1-2), 102-127.

[48]   Zhao, H., & Li, X. (2007, May). S3PAS: A scalable shoulder-surfing resistant textual-graphical password authentication scheme. 21st international conference on advanced information networking and applications workshops (AINAW'07) (Vol. 2, pp. 467-472). IEEE.

[49]   Gao, H., Guo, X., Chen, X., Wang, L., & Liu, X. (2008, December). Yagp: Yet another graphical password strategy. In 2008 Annual computer security applications conference (ACSAC) (pp. 121-129). IEEE.

[50]   Wiedenbeck, S., Waters, J., Sobrado, L., & Birget, J. C. (2006, May). Design and evaluation of a shoulder-surfing resistant graphical password scheme. Proceedings of the working conference on advanced visual interfaces (pp. 177-184).

[51]   Kumar, M., Garfinkel, T., Boneh, D., & Winograd, T. (2007, July). Reducing shoulder-surfing by using gaze-based password entry. Proceedings of the 3rd symposium on usable privacy and security (pp. 13-19).

[52]   Suo, X., Zhu, Y., & Owen, G. S. (2005, December). Graphical passwords: A survey. In 21st Annual computer security applications conference (ACSAC'05) (pp. 10-pp). IEEE.

[53]   De Angeli, A., Coventry, L., Johnson, G., & Renaud, K. (2005). Is a picture really worth a thousand words? Exploring the feasibility of graphical authentication systems. International journal of human-computer studies63(1-2), 128-152.

[54]   Al-Turjman, F. (2019). Cognitive routing protocol for disaster-inspired internet of things. Future generation computer systems92, 1103-1115.