Sciweavers

MCETECH
2009
Springer

TwoStep: An Authentication Method Combining Text and Graphical Passwords

14 years 4 months ago
TwoStep: An Authentication Method Combining Text and Graphical Passwords
Text-based passwords alone are subject to dictionary attacks as users tend to choose weak passwords in favor of memorability, as well as phishing attacks. Many recognition-based graphical password schemes alone, in order to offer sufficient security, require a number of rounds of verification, introducing usability issues. We suggest a hybrid user authentication approach combining text passwords, recognition-based graphical passwords, and a two-step process, to provide increased security with fewer rounds than such graphical passwords alone. A variation of this two-step authentication method, which we have implemented and deployed, is in use in the real world.
Paul C. van Oorschot, Tao Wan
Added 27 May 2010
Updated 27 May 2010
Type Conference
Year 2009
Where MCETECH
Authors Paul C. van Oorschot, Tao Wan
Comments (0)