Against Spyware Using CAPTCHA in Graphical Password Scheme

Liming Wang; Xiuling Chang; Zhongjie Ren; Haichang Gao; Xiyang Liu,; Uwe Aickelin

arXiv:1305.7485·cs.CR·November 18, 2016

Against Spyware Using CAPTCHA in Graphical Password Scheme

Liming Wang, Xiuling Chang, Zhongjie Ren, Haichang Gao, Xiyang Liu,, Uwe Aickelin

PDF

TL;DR

This paper introduces a CAPTCHA-based graphical password scheme designed to resist spyware attacks, enhancing security while maintaining usability, though further usability improvements are needed based on initial experiments.

Contribution

The paper proposes a novel CAPTCHA-based graphical password scheme that significantly increases resistance to spyware attacks compared to existing schemes.

Findings

01

The scheme raises the cost for adversaries by orders of magnitude.

02

Initial experiments suggest usability improvements are necessary.

03

The approach retains the advantages of graphical passwords while enhancing security.

Abstract

Text-based password schemes have inherent security and usability problems, leading to the development of graphical password schemes. However, most of these alternate schemes are vulnerable to spyware attacks. We propose a new scheme, using CAPTCHA (Completely Automated Public Turing tests to tell Computers and Humans Apart) that retaining the advantages of graphical password schemes, while simultaneously raising the cost of adversaries by orders of magnitude. Furthermore, some primary experiments are conducted and the results indicate that the usability should be improved in the future work.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.