Secure Graphical One Time Password (GOTPass): An Empirical Study

Document Type

Journal Article

Publication Title

Information Security Journal: A Global Perspective

Publisher

Taylor and Francis

School

School of Science

RAS ID

22317

Comments

Alsaiari, H., Papadaki, M., Dowland, P., & Furnell, S. (2015). Secure graphical one time password (GOTPass): An empirical study. Information Security Journal: A Global Perspective, 24(4-6), 207-220.

Abstract

The traditional text-based password has been the default security medium for years; however, the difficulty of memorizing secure strong passwords often leads to insecure practices. A possible alternative solution is graphical authentication, which is motivated by the fact that the capability of humans’ memory for images is superior to text, which helps to improve password usability and security. Recently, some implementations of graphical authentication techniques have been deployed in practice. This paper introduces a new hybrid graphical authentication, “GOTPass,” that authenticates by means of a one-time numerical code that needs to be typed in based on a sequence of secret images and a prechosen input format. An important focus for this paper was the security aspects of the graphical password scheme. This paper reports an in-depth analysis of the security evaluation and shows a high resistance capability of GOTPass against common graphical password attacks. Three attacks were simulated (Guessing, Intersection, and Shoulder-surfing), and the results showed that nearly 98% of the 690 attempts failed to compromise the system.

DOI

10.1080/19393555.2015.1115927

Access Rights

subscription content
