A Novel Method for Graphical Password Mechanism

For the verification of authorized users in computer systems, various text based or biometrics methods are used. But these methods have some drawbacks. It is difficult to remember and recall the textual i.e. alphanumeric passwords. To avoid this drawback users prefer to create effortless, short, easy and insecure passwords which are easily guessable by hacker and this makes the system more vulnerable to attacks. On other hand, verification mechanisms based on biometrics offers security to a good extents. But they are quite luxurious for implementation. Cost becomes a key factor in the case of biometrics. Also any injury to the body part used in biometric authorization results in denial of access or performance issues. Graphical password provides another way by providing passwords that are more protected and unforgettable in a reasonable price. In this system, user clicks on images instead of typing passwords for accessing the system. This paper describes and examines usability and security of graphical password mechanism for authentication using graphical passwords. Proposed system describes characteristics for security and performed empirical study comparing Graphical password mechanism with Biometric passwords and alphanumeric password. DOI: 10.17762/ijritcc2321-8169.15013

Graphical Authentication System Using Image Panels

The use of alphanumeric usernames and passwords is the most widely used technique for authentication. It is found that this technique has serious drawbacks. For instance, users frequently select passwords that are simple to remember. On the other hand, it may be challenging to recollect a complicated password. The creation of an OTP is another option, but it can take some time and comes with a risk (losing it in the allotted time). These existing methodologies have some disadvantages. A graphical authentication is the best to remember and hard to guess. So, a graphical authentication technique is proposed to address the problems of low security, shoulder surfing, dictionary and brute force attacks. In this methodology, the user must register by providing the required information and by selecting a panel from 3-5 images. This methodology is tested using entropy and proved that this approach is efficient than the existing methods.

Developing a secured social networking site using informa on security awareness techniques

Background: Ever since social network sites (SNS) became a global phenomenon in almost every industry, security has become a major concern to many SNS stakeholders. Several security techniques have been invented towards addressing SNS security, but information security awareness (ISA) remains a critical point. Whilst very few users have used social circles and applications because of a lack of users’ awareness, the majority have found it dif cult to determine the basis of categorising friends in a meaningful way for privacy and security policies settings. This has con rmed that technical control is just part of the security solutions and not necessarily a total solution. Changing human behaviour on SNSs is essential; hence the need for a privately enhanced ISA SNS. Objective: This article presented sOcialistOnline – a newly developed SNS, duly secured and platform independent with various ISA techniques fully implemented. Method: Following a detailed literature review of the related works, the SNS was developed on the basis of Object Oriented Programming (OOP) approach, using PhP as the coding language with the MySQL database engine at the back end. Result: This study addressed the SNS requirements of privacy, security and services, and attributed them as the basis of architectural design for sOcialistOnline. SNS users are more aware of potential risk and the possible consequences of unsecured behaviours. Conclusion: ISA is focussed on the users who are often the greatest security risk on SNSs, regardless of technical securities implemented. Therefore SNSs are required to incorporate effective ISA into their platform and ensure users are motivated to embrace it

A Serious Game Design: Nudging Users’ Memorability of Security Questions

Online review communities thrive on contributions from different reviewers, who exhibit a varying range of community behaviors. However, no attempt has been made in the IS literature to cluster behavioral patterns across a reviewer population. In this paper, we segment the reviewers of a popular review site (Yelp) using two-step cluster analysis based on four key attributes (reviewer involvement, sociability, experience, and review quality), resulting in three distinct reviewer segments - Enthusiasts, Adepts, and Amateurs. We also compare the propensity of receiving community recognition across these segments. We find that the Enthusiasts, who show high involvement and sociability, are the most recognized. Surprisingly, the Adepts, who are high on review quality, are the least recognized. The study is a novel attempt on reviewer segmentation and provides valuable insights to the community managers to customize strategies to increase productivity of different segments

Simple Nudges for Better Password Creation

Recent security breaches have highlighted the consequences of reusing passwords across online accounts. Recent guidance on password policies by the UK government recommend an emphasis on password length over an extended character set for generating secure but memorable passwords without cognitive overload. This paper explores the role of three nudges in creating website-specific passwords: financial incentive (present vs absent), length instruction (long password vs no instruction) and stimulus (picture present vs not present). Mechanical Turk workers were asked to create a password in one of these conditions and the resulting passwords were evaluated based on character length, resistance to automated guessing attacks, and time taken to create the password. We found that users created longer passwords when asked to do so or when given a financial incentive and these longer passwords were harder to guess than passwords created with no instruction. Using a picture nudge to support password creation did not lead to passwords that were either longer or more resistant to attacks but did lead to account-specific passwords

Understanding the Experience-Centeredness of Privacy and Security Technologies

The joint study of computer security, privacy and human-computer interaction (HCI) over the last two decades has shaped a research agenda focused upon usable privacy & security. However, in HCI research more generally there has long been an awareness of the need to understand and design for user experience, in recognition of the complex and multi-faceted role that technology now plays in our lives. In this paper we add to the growing discussion by introducing the notion of experience-centered privacy and security. We argue that in order to engage users of technology around issues related to experiences of privacy and security, research methods are required that may be outside of the normal repertoire of methods that we typically call upon. We describe three projects that developed non-typical research methods to reveal experiential insights into user interactions with privacy and security-related technologies. We conclude by proposing a research agenda that begins to illustrate how the discourse and methods of experience-centered design might serve to provide valuable alternative perspectives on new and enduring user-facing privacy and security problems

Persuasive technologies: a systematic literature review and application to PISA

Persuasive Technologies is an expansive eld that covers various research areas including engineering and social sciences. This document summarizes current and historical models of information processing, persuasion and persuasive systems design in order to place other studies in the eld within context. The Persuasive Systems Design Model is then selected as the most recent and comprehensive model in the eld, afer which a series of sample context analyses are performed using this model. The case used for these context analyses is the PISA tool. Finally, we consider the limitations and possible future work of this literature review