Skip to main content
SpringerLink
Log in

PassPage: Graphical Password Authentication Scheme Based on Web Browsing Records

  • Conference paper
  • First Online:
Financial Cryptography and Data Security (FC 2020)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12063))

Included in the following conference series:

Abstract

This paper proposes a two-factor graphical password authentication scheme, PassPage, which is suitable for website authentication with enhanced security. It leverages the implicit memory based on the user’s web browsing records. Whenever the user tries to log in, the server returns 9 small pages as a challenge, and asks the user to select all the pages the user has browsed besides inputting a text password. We performed user experiments on 12 volunteers. The experiment results showed that the average login success rate on a news website is steadily over 80% when the users are familiar with the login process, and the login success rate does not decrease sharply in 6 days.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 89.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Robert, B., Chiasson, S., Van Oorschot, P.C.: Graphical passwords: learning from the first twelve years. ACM Comput. Surv. (CSUR) 44(4), 19 (2012)

    MATH  Google Scholar 

  2. Brostoff, S., Sasse, M.A.: Are passfaces more usable than passwords? A field trial investigation. In: McDonald, S., Waern, Y., Cockton, G. (eds.) People and Computers XIV—Usability or Else!, pp. 405–424. Springer, London (2000). https://doi.org/10.1007/978-1-4471-0515-2_27

    Chapter  Google Scholar 

  3. Bianchi, A., Oakley, I., Kim, H.: PassBYOP: bring your own picture for securing graphical passwords. IEEE Trans. Hum.-Mach. Syst. 46(3), 380–389 (2015)

    Article  Google Scholar 

  4. Uellenbeck, S., et al.: Quantifying the security of graphical passwords: the case of Android unlock patterns. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security. ACM (2013)

    Google Scholar 

  5. Stobert, E., Biddle, R.: Memory retrieval and graphical passwords. In: Proceedings of the Ninth Symposium on Usable Privacy and Security. ACM (2013)

    Google Scholar 

  6. Zhu, B.B., et al.: CAPTCHA as graphical passwords—a new security primitive based on hard AI problems. IEEE Trans. Inf. Forensics Secur. 9(6), 891–904 (2014)

    Article  Google Scholar 

  7. Gao, H., et al.: A survey on the use of graphical passwords in security. JSW 8(7), 1678–1698 (2013)

    Google Scholar 

  8. Rao, K., Yalamanchili, S.: Novel shoulder-surfing resistant authentication schemes using text-graphical passwords. Int. J. Inf. Netw. Secur. 1(3), 163 (2012)

    Google Scholar 

  9. Renaud, K., et al.: Are graphical authentication mechanisms as strong as passwords?. In: 2013 Federated Conference on Computer Science and Information Systems. IEEE (2013)

    Google Scholar 

  10. Khan, M.A., et al.: g-RAT—a novel graphical randomized authentication technique for consumer smart devices. IEEE Trans. Consum. Electron. 65(2), 215–223 (2019)

    Article  Google Scholar 

  11. Mackie, I., Yıldırım, M.: A novel hybrid password authentication scheme based on text and image. In: Kerschbaum, F., Paraboschi, S. (eds.) DBSec 2018. LNCS, vol. 10980, pp. 182–197. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-95729-6_12

    Chapter  Google Scholar 

  12. Mokal, P.H., Devikar, R.N.: A survey on shoulder surfing resistant text based graphical password schemes. Int. J. Sci. Res. (IJSR) 3(4), 747–750 (2014)

    Google Scholar 

  13. Gaikwad, A.: A survey in shoulder surfing resistant graphical authentication system. Int. J. Emerg. Technol. Comput. Sci. 2(3) (2017)

    Google Scholar 

  14. Denning, T., et al.: Exploring implicit memory for painless password recovery. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (2011)

    Google Scholar 

  15. Das, S., Hayashi, E., Hong, J.I: Exploring capturable everyday memory for autobiographical authentication. In: Proceedings of the 2013 ACM International Joint Conference on Pervasive and Ubiquitous Computing (2013)

    Google Scholar 

  16. Sun, H., et al.: PassApp: my app is my password!. In: Proceedings of the 17th International Conference on Human-Computer Interaction with Mobile Devices and Services (2015)

    Google Scholar 

  17. Nguyen, N., Sigg, S.: PassFrame: generating image-based passwords from egocentric videos. In: 2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops). IEEE (2017)

    Google Scholar 

  18. Woo, S., et al.: Life-experience passwords (LEPS). In: Proceedings of the 32nd Annual Conference on Computer Security Applications (2016)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Software and Microelectronics, Peking University, Beijing, China

    Xian Chu, Huiping Sun & Zhong Chen

Authors
  1. Xian Chu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Huiping Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Zhong Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Huiping Sun .

Editor information

Editors and Affiliations

  1. University of Michigan–Ann Arbor, Ann Arbor, USA

    Matthew Bernhard

  2. Computing Science and Mathematics, University of Stirling, Stirling, UK

    Andrea Bracciali

  3. Computer Science Department, Indiana University, Bloomington, USA

    L. Jean Camp

  4. Department of Computer Science, Georgetown University, Washington, WA, USA

    Shin'ichiro Matsuo

  5. Western Sydney University, Parramatta, Australia

    Alana Maurushat

  6. Maison du Nombre, University of Luxembourg, Esch-sur-Alzette, Luxembourg

    Peter B. Rønne

  7. Dipartimento di Matematica, University of Trento, Trento, Trento, Italy

    Massimiliano Sala

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Chu, X., Sun, H., Chen, Z. (2020). PassPage: Graphical Password Authentication Scheme Based on Web Browsing Records. In: Bernhard, M., et al. Financial Cryptography and Data Security. FC 2020. Lecture Notes in Computer Science(), vol 12063. Springer, Cham. https://doi.org/10.1007/978-3-030-54455-3_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-54455-3_12

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-54454-6

  • Online ISBN: 978-3-030-54455-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation