Login Authentication with Facial Gesture Recognition

Facial recognition has proven to be very useful and versatile, from Facebook photo tagging and Snapchat filters to modeling fluid dynamics and designing for augmented reality. However, facial recognition has only been used for user login services in conjunction with expensive and restrictive hardware technologies, such as in smart phone devices like the iPhone x. This project aims to apply machine learning techniques to reliably distinguish user accounts with only common cameras to make facial recognition logins more accessible to website and software developers. To show the feasibility of this idea, we created a web API that recognizes a users face to log them in to their account, and we will create a simple website to test the reliability of our system. In this paper, we discuss our database-centric architecture model, use cases and activity diagrams, technologies we used for the website, API, and machine learning algorithms. We also provide the screenshots of our system, the user manual, and our future plan

Picture Passwords in Mixed Reality

We present HoloPass, a mixed reality application for the HoloLens wearable device, which allows users to perform user authentication tasks through gesture-based interaction. In particular, this paper reports the implementation of picture passwords for mixed reality environments, and highlights the development procedure, lessons learned from common design and development issues, and how they were addressed. It further reports a between-subjects study (N=30) which compared usability, security, and likeability aspects of picture passwords in mixed reality vs. traditional desktop contexts aiming to investigate and reason on the viability of picture passwords as an alternative user authentication approach for mixed reality. This work can be of value for enhancing and driving future implementations of picture passwords in mixed reality since initial results are promising towards following such a research line

TQ-Model: A New Evaluation Model for Knowledge-Based Authentication Schemes

Many user authentication schemes are developed to resolve security issues of traditional textual password scheme. However, only Android unlock scheme gets wide acceptance among users in the domain of smartphones. Although Android unlock scheme has many security issues, it is widely used due to usability advantages. Different models and frameworks are developed for evaluating the performance of user authentication schemes. However, most of the existing frameworks provide ambiguous process of evaluation, and their results do not reflect how much an authentication scheme is strong or weak with respect to traditional textual password scheme. In this research paper, an evaluation model called textual passwords-based quantification model (TQ-Model) is proposed for knowledge-based authentication schemes. In the TQ-Model, evaluation is done on the basis of different features, which are related to security, usability and memorability. An evaluator needs to assign a score to each of the feature based on some criteria defined in the model. From the evaluation result, the performance difference between a knowledge-based authentication scheme and textual password scheme can be measured. Furthermore, evaluation results of Android unlock scheme, picture gesture authentication scheme and Passface scheme are presented in the paper using the TQ-Model

Conceivable security risks and authentication techniques for smart devices

With the rapidly escalating use of smart devices and fraudulent transaction of users’ data from their devices, efficient and reliable techniques for authentication of the smart devices have become an obligatory issue. This paper reviews the security risks for mobile devices and studies several authentication techniques available for smart devices. The results from field studies enable a comparative evaluation of user-preferred authentication mechanisms and their opinions about reliability, biometric authentication and visual authentication techniques

CMAPS: A Chess-Based Multi-Facet Password Scheme for Mobile Devices

It has long been recognized, by both security researchers and human-computer interaction researchers, that no silver bullet for authentication exists to achieve security, usability, and memorability. Aiming to achieve the goals, we propose a Multi-fAcet Password Scheme (MAPS) for mobile authentication. MAPS fuses information from multiple facets to form a password, allowing MAPS to enlarge the password space and improve memorability by reducing memory interference, which impairs memory performance according to psychology interference theory. The information fusion in MAPS can increase usability, as fewer input gestures are required for passwords of the same security strength. Based on the idea of MAPS, we implement a Chess-based MAPS (CMAPS) for Android systems. Only two and six gestures are required for CMAPS to generate passwords with better security strength than 4-digit PINs and 8-character alphanumeric passwords, respectively. Our user studies show that CMAPS can achieve high recall rates while exceeding the security strength of standard 8-character alphanumeric passwords used for secure applications

CMAPS: A Chess-Based Multi-Facet Password Scheme for Mobile Devices

It has long been recognized, by both security researchers and human-computer interaction researchers, that no silver bullet for authentication exists to achieve security, usability, and memorability. Aiming to achieve the goals, we propose a Multi-fAcet Password Scheme (MAPS) for mobile authentication. MAPS fuses information from multiple facets to form a password, allowing MAPS to enlarge the password space and improve memorability by reducing memory interference, which impairs memory performance according to psychology interference theory. The information fusion in MAPS can increase usability, as fewer input gestures are required for passwords of the same security strength. Based on the idea of MAPS, we implement a Chess-based MAPS (CMAPS) for Android systems. Only two and six gestures are required for CMAPS to generate passwords with better security strength than 4-digit PINs and 8-character alphanumeric passwords, respectively. Our user studies show that CMAPS can achieve high recall rates while exceeding the security strength of standard 8-character alphanumeric passwords used for secure applications