IJSRSET151363 | Received: 14 June 2015 | Accepted: 22 June 2015 | May-June 2015 [(1)3: 316-323] © 2015 IJSRSET | Volume 1 | Issue 3 | Print ISSN : 2395-1990 | Online ISSN : 2394-4099 Themed Section: Engineering and Technology 316 Authentication Scheme for Passwords using Color and Text Vikas B O Department of Computer Science and Engineering, SCE Bangalore, Karnataka, India ABSTRACT The most common method used for authentication is textual passwords. But textual passwords are in risk to eves dropping, dictionary attacks, social engineering and shoulder surfing. Graphical passwords are introduced as alternative techniques to textual passwords. Most of the graphical schemes are helpless to shoulder surfing as well as it has higher storage and computational complexity. To address this problem, text can be combined with colors to generate passwords for authentication. The combination of color and text password with efficient matching between the two provides authentication as well as security to the user. Hence using the technique of integration with color and textual password is proposed to generate passwords which are resistant to shoulder surfing. Keywords: Graphical passwords, Recognition-based, Cued- recall based, Pure-recall based authentication scheme I. INTRODUCTION In any organization, regardless the size and nature of the company, information security is a major concern. The protection of information and implementation of adequate security mechanisms with respect to confidentiality, integrity and authenticity are especially important in today's increasingly interconnected business environment. Traditional textual passwords are perhaps the most prevalent and convenient authentication method because they are familiar to all users, easy to use, and cheap to implement. The known weakness of traditional user authentication is a tendency to choose passwords with predictable characteristics, which in turn reduces password strength and makes it vulnerable to various attacks as mentioned in [2]. Sufficiently secure password should be at least eight characters or longer, random, without any semantic content, with mix of uppercase and lowercase letters, digits, and special symbols. Generally, users ignore any tips and recommendations for creating a secure password. Moreover, some users write down their passwords on a piece of paper, share passwords with others or use the same password for multiple accounts. Most of the common attacks namely brute force search attack, dictionary attack, guessing attack, shoulder surfing attack, spyware attack, and social engineering attack can use these weaknesses for attacking to the system. In attempt to overcome the weaknesses of traditional textual password, graphical password schemes have emerged as a possible security enhancement. Human's ability to better recognize visual information as opposed to verbal information makes the graphical passwords easier to remember as discussed in [4]. The first graphical password based scheme was introduced by Greg Blonder in 1996. In his scheme the user is asked to click on several locations on the image to create a password. To login the user must click on previously selected locations on the image or close to those locations. Today, there is a growing interest in graphical passwords but most of the graphical password authentication schemes have not been widely adopted. Related Work Currently, user authentication mechanisms fall under three main categories: 1. Biometric authentication (something you are) 2. Token-based authentication (something you have) 3. Knowledge-based authentication (something you know) as mentioned in [6]