JSPM’S BHIVRABAI SAWANT POLYTECHNIC WAGHOLI (2023-2024)

CENTER OF ACADEMIC EXCELLENCE

Approval by AICTE New Delhi, Recognized by the Govt. of Maharashtra and
Affiliated to MSBTE, Mumbai.
Institute Code: 0710

Title of Micro project: Graphical Password Authentication System Using Intuitive Approach

Academic Year: 2023-24 Course: Network & Information Security . Course Code:22620

Submitted By:

Roll No Student Name Sign of Student

11. Shrutika Ganesh Pardeshi
12. Tanuja Subhash Choudhari
13. Om Rajesh Bhati
14. Divya Raju Bansode
15. Niwedita Dhanaji Lavate

HOD Of Department: Under the guidance of:

Prof. S.G .Gaikwad Mrs. Nikat Attar

 BHIVRABAI SAWANT POLYTECHNIC, WAGHOLI, PUNE
ANEEXURE II
Evaluation Sheet for the Micro Project
Academic Year: 2023-24 Name of the Faculty: Mrs. Nikat Attar
Course: Network & Information Security Course code : 22620 Semester: IV
Title of the project: Graphical Password Authentication System Using Intuitive Approach
COs addressed by Micro Project:

A:………………………………………………………………………………………………………
B:………………………………………………………………………………………………………
C:………………………………………………………………………………………………………
D:………………………………………………………………………………………………………
……..
Major learning outcomes achieved by students by doing the project

a)Practical outcome:………………………………………………………………………………….

b)Unit outcomes in Cognitive domain:……………………………………………………………….

c)Outcomes in Affective domain:……………………………………………………………………

Comments/suggestions about team work /leadership/inter-personal communication (if any)
………………………………………………………………………………………………………
Marks out of 6 Marks out of 4for
for performance performance in
Roll Student Name in group activity oral/ presentation Total
No (D5 (D5 out of
Col.8) Col.9) 10
11 Shrutika Ganesh Pardeshi

12 Tanuja Subhash Choudhari

13 Om Rajesh Bhati

14 Divya Raju Bansode

15 Niwedita Dhanaji Lavate

(Name and Signature of Faculty)

 BHIVRABAI SAWANT POLYTECHNIC,
WAGHOLI, PUNE

Micro Project Plan

Week Date Duration Sign of

No. in hours Work or activity Performed the Guide
1 One
Group Discussion on Topic
hour
2 One
Assign task to group
hour
3 One
Giving Particular Information
hour
4 One
Got Course and Practical Outcomes
hour
5 One
Taking Review about collected Data
hour
6 One
Verify Material in Sequence
hour
7 One
Discussion on Suggestions
hour
8 One
Arrange Data in Sequence
hour
9 One
Prepare proposal of the project
hour
10 One
Verify the Draft from Teacher
hour
11 One
Rearrange the data
hour
12 One
Share Data among Group
hour
13 One
Prepare the report
hour
14 One
Work on Data
hour
15 One
Prepare soft copy
hour
16 One
Submission
hour
 INDEX

SR.
NO. TOPIC
1. Abstract
2. Introduction
3. Flowchart
4. Algorithm
5. Advantages
6. Disadvantages
7. Reference

8. Conclusion
 Abstract

The project revolves around the development and implementation of a graphical password
authentication system using an intuitive approach. The primary objective of this project is to enhance
the security of user authentication processes. This enhancement is achieved by leveraging the human
brain's inherent ability to recognize and recall images more effectively than alphanumeric characters.
This system aims to address the limitations of traditional text-based passwords and provide a more
secure and user-friendly alternative. Traditional text-based passwords, while being the most common
method of authentication, have several drawbacks. They are often vulnerable to brute force attacks,
where an attacker tries all possible combinations of characters. Additionally, users may find it
challenging to remember complex passwords, which are typically a random combination of letters,
numbers, and special characters. This difficulty in remembering passwords often leads users to choose
simple and easily guessable passwords, further compromising the security of the system. On the other
hand, graphical passwords, which involve the use of images, are generally easier to remember for most
people. This is because the human brain is better at recalling images compared to text. Moreover, the
large number of possible combinations of images makes graphical passwords harder to guess or crack,
thereby providing a higher level of security. However, designing an effective graphical password
system is a challenging task. It requires a careful balance between usability and security. The system
must be easy to use and remember for the user, while also being secure against various types of
attacks. This project aims to achieve this balance by using an intuitive approach to graphical password
authentication.
 Introduction

Password authentication is a critical aspect of system security. It is the most common method used to
verify the identity of a user. However, traditional text-based passwords, while widely used, have
several drawbacks. They are often vulnerable to brute force attacks, where an attacker tries all possible
combinations of characters. Additionally, users may find it challenging to remember complex
passwords, which are typically a random combination of letters, numbers, and special characters. This
difficulty in remembering passwords often leads users to choose simple and easily guessable
passwords, further compromising the security of the system. To address these issues, researchers have
proposed various alternatives to text-based passwords. One such alternative. is graphical password
authentication. Graphical password authentication systems leverage the human brain's superior
capability in recalling images compared to text. In a graphical password system, the user selects a
series of images as their password. To authenticate, the user must correctly identify these images from
among a set of decoy images. This project focuses on developing a graphical password authentication
system using an intuitive approach. The intuitive approach involves the use of images that are easy for
the user to remember. These could be images that the user has a personal connection with, or images
that are easy to remember due to their distinct features. The goal is to make the password easy to
remember for the user, while also being hard to guess for an attacker.

➢ Why we use

1. Ease of Use:
Graphical passwords are often more intuitive and easier to remember compared to traditional
text- based passwords. Users can select images or draw patterns that have personal
significance to them, making the authentication process more user-friendly.

2. Resistance to Dictionary Attacks:

Graphical passwords are generally more resistant to dictionary attacks since they involve
images or patterns rather than text strings. This can enhance security by making it harder for
attackers to guess or crack passwords.

3. Reduced Shoulder Surfing:

Traditional text passwords are vulnerable to shoulder surfing, where attackers can observe
users entering their passwords. Graphical passwords, especially those involving gestures or
patterns, are less susceptible to this type of attack since they do not rely on characters being
entered sequentially.

4. Support for Diverse Users:

Graphical passwords can accommodate users with varying levels of literacy and language
proficiency, as well as those with disabilities that may make text-based authentication
challenging.
 ➢ How it’s Work

Graphical password authentication using an intuitive approach is a method of user authentication

where users select or draw upon images, patterns, or shapes to authenticate themselves instead of using
traditional alphanumeric passwords. This approach is often used in Network Information Systems
(NIS) to enhance security and usability. Here's how it typically works:

1. Registration :
During the registration process, users are presented with a set of images or graphical elements
from which they can choose or create their own graphical password. This could involve
selecting a particular sequence of images, drawing a specific pattern, or any other intuitive
method.

2. Creation of Graphical Password :

Users select or create their graphical password based on their preferences and intuition. This
could involve selecting a sequence of images that holds personal significance, drawing a pattern
that is easy for them to remember, or any other method that feels natural to them.

3. Authentication :
When users want to authenticate themselves, they are presented with the same set of images or
graphical elements they encountered during registration. They then replicate the sequence or
pattern they previously selected or created.

4. Verification :
The system compares the input provided by the user during authentication with the stored
graphical password associated with that user. If the input matches the stored graphical
password, authentication is successful, and access is granted.
Flowchart
 Algorithm
1. User Registration:
- User selects a set of images during registration.

2. Encoding and Storage:

- Images are encoded and securely stored in the system's database.

3. Authentication:
- User selects their images from a grid presented by the system.
- System compares the selected images with the stored ones for authentication.

4. Verification:
- If the selected images match, authentication is successful.

5. Security Measures:
- Implement encryption for stored data and protection against brute force attacks.

OR

The algorithm for the graphical password authentication system involves three main steps.
The first step is user registration. During registration, the user is presented with a set of images. The
user selects a series of images from this set to create their password. The selected images and their
order form the user's graphical password. The system stores this password for future authentication.
The second step is user login. During authentication, the user is presented with several sets of images.
Each set contains one image from the password sequence along with several decoy images. The user
identifies the images from their password sequence. The order of selection is important, as it forms
part of the password.
The third step is authentication. The system verifies the sequence of selected images against the stored
password sequence. If the sequences match, the user is authenticated and granted access to the system.
If the sequences do not match, the user is denied access. The algorithm is designed to be simple and
intuitive for the user, while also providing a high level of security. The large number of possible image
sequences makes it difficult for an attacker to guess the password. Furthermore, even if an attacker is
able to observe the user entering their password, they would still need to know the correct order of the
images, adding an additional layer of security.
 Advantages

1. Memorability :
Graphical passwords, with their use of images, are generally easier to remember than text-based
passwords.

2. Security :
The large number of possible image sequences increases the resistance to brute force attacks.

3. User-Friendly:
Graphical passwords can be more intuitive and user-friendly, especially for those who are visual
learners or have difficulty with text-based passwords.

4. International Usability:
They do not rely on the knowledge of a particular language or alphabet, making them
universally usable.

5. Size of Password Space:

The number of possible graphical passwords is significantly larger than text-based passwords,
providing a larger password space.

Disadvantages

1. Shoulder Surfing :
Graphical passwords are potentially vulnerable to shoulder surfing attacks, where an attacker
observes the user entering their password.

2. Screen Resolution :
The effectiveness of a graphical password system can depend on the screen resolution. Smaller
screens might make it difficult to select images accurately.

3. Implementation Cost:
The development and implementation of a secure and efficient graphical password system can be
complex and costly.
 Reference

o https://www.academia.edu/71469272/Graphical_Password_Authentication_System_Using_M
odified_Intuitive_Approach
o https://link.springer.com/chapter/10.1007/978-981-10-5520-1_15
o https://www.researchgate.net/profile/Dr-Dey-
5/publication/358234430_Graphical_Password_Authentication_System_Using_Modified_Int
uitive_Approach/links/61f79d724393577abe00c801/Graphical-Password-Authentication-
System-Using-Modified-Intuitive-Approach.pdf?origin=publication_detail
o https://elearningatria.files.wordpress.com/2013/10/ise-viii-information-and-network-security-
06is835-notes.pdf
o https://bookstation.in/products/9789389750065

Conclusion

In conclusion, graphical password authentication using an intuitive approach provides a promising

alternative to traditional text-based passwords. By leveraging the human brain's superior capability in
recalling images,graphical passwords offer improved memorability and potential resistance to brute
force attacks. However, there are challenges to be addressed, such as vulnerability to shoulder surfing
attacks and increased complexity of the authentication process. Despite these challenges, the benefits
of graphical passwords make them a compelling area for further research and development. Future
work could focus on developing countermeasures to shoulder surfing attacks, such as using distorted
or partially hidden images. Additionally, user interface design principles could be applied to make the
authentication process more user-friendly. With continued research and development. graphical
password authentication systems have the potential to significantly enhance the security and usability
of user authentication processes.