To search, Click below search items. |
| All Published Papers Search Service |
|
|
|
Title |
Ef?cacy of Object-Based Passwords for User Authentication |
|
Author |
Sufian Hameed, Lamak Qaizar and Shankar Khatri |
| Citation |
Vol. 17 No. 12 pp. 33-40 |
|
Abstract |
Traditional text-based password schemes are inherently weak. Users tend to choose passwords that are easy to remember, making them susceptible to various attacks that have matured over the years. ObPwd [5] has tried to address these issues by converting user-selected digital objects to high-entropy text passwords for user authentication. In this paper, we extend the ObPwd scheme with a new object based password scheme that performs majority of the computation at the server side. This paper essentially discusses two frameworks for object password schemes, an object hash-based scheme (where the client machine computes the hash of the object to be used as text password) and an object-based scheme (where the object is directly transmitted to the server as password). We also evaluate the performance of both the object password schemes against conventional text-based password schemes using prototypes of each of the frameworks. Implications with respect to ease of use, sharing and security are also discussed. |
|
Keywords |
Authentication, Object-based Passwords, Passwords, object-hash. |
|
URL |
