Various graphical password schemes have been proposed as an alternative to text-based passwords. We propose and examine the usability and security of Persuasive Cued Click Points (PCCP) with a supportive sound signature, a cued-recall graphical password technique. Users click on one point per image for a sequence of images and they are asked to select a sound signature corresponding to each click-point. In PCCP, the next image will be based on the previous click-point. PCCP provides greater security than Pass Points because the number of images increases the workload for attackers. The cued-click point application in this project can be used to enter into a private SMS area, where the SMSs from specified numbers are kept hidden from the Inbox of the ANDROID mobile. As the solution to image gallery attacks digital watermarking is used in the images. In addition to these, we propose to implement a CAPTCHA which ensures the user to be a human and not any machine. Thus additional security to spambot can be ensured.

Graphical Password; Persuasive Cued Click Points; Cued Click Point; Sound Signature; Digital Signature; CAPTCHA; ANDROID; SMS; Spambot

[1] S. Chiasson, R. Biddle, and P. van Oorschot, “A Second Look at the Usability of Click-Based Graphical Passwords,” Proc. ACM Symp. Usable Privacy and Security (SOUPS), July 2007.
[2] S. Chiasson, A. Forget, R. Biddle, and P. van Oorschot, “Influencing Users towards Better Passwords: Persuasive Cued Click-Points,” Proc. British HCI Group Ann. Conf. People and Computers: Culture, Creativity, Interaction, Sept. 2008.
[3] S. Chiasson, A. Forget, E. Stobert, P. van Oorschot, and R. Biddle, “Multiple Password Interference in Text and Click-Based Graphical Passwords,” Proc. ACM Conf. Computer and Comm. Security (CCS), Nov. 2009.
[4] E. Stobert, A. Forget, S. Chiasson, P. van Oorschot, and R. Biddle, “Exploring Usability Effects of Increasing Security in Click-Based Graphical Passwords,” Proc. Ann. Computer Security Applications Conf. (ACSAC), 2010.
[5] S. Chiasson, A. Forget, R. Biddle, and P.C. van Oorschot, “User Interface Design Affects Security: Patterns in Click-Based Graphical Passwords,” Int’l J. Information Security, vol. 8, no. 6, pp. 387-398, 2009.
[6] S. Chiasson, P. van Oorschot, and R. Biddle, “Graphical Password Authentication Using Cued Click Points,” Proc. European Symp. Research in Computer Security (ESORICS), pp. 359-374, Sept. 2007.
[7] L. von Ahn, M. Blum, and J. Langford. Telling Humans and Computer Apart Automatically. Communications of the ACM, 2004, 47(2), pp.57-60.
[8] Birget, J.C., D. Hong, and N. Memon. Graphical Passwords Based on Robust Discretization. IEEE Trans. Info. Forensics and Security, 1(3), September 2006.
[9] Blonder, G.E. Graphical Passwords. United States Patent 5,559,961, 1996.
[10] Davis, D., F. Monrose, and M.K. Reiter. On User Choice in Graphical Password Schemes. 13th USENIX Security Symposium, 2004.
[11] Passfaces. http://www.realuser.com Last accessed: December 1, 2006.
[12] Renaud, K. Evaluating Authentication Mechanisms. Chapter 6 in [4].
[13] Weinshall, D. Cognitive Authentication Schemes Safe Against Spyware (Short Paper). IEEE Symposium on Security and Privacy, 2006.
[14] Wiedenbeck, S., J.C. Birget, A. Brodskiy, and N. Memon. Authentication Using Graphical Passwords: Effects of Tolerance and Image Choice. ACM SOUPS, 2005.
[15] Wiedenbeck, S., J. Waters, J.C. Birget, A. Brodskiy, and N. Memon. PassPoints: Design and longitudinal evaluation of a graphical password system. International Journal of Human-Computer Studies 63, 102-127, 2005.
[16] J. Wolf, “Visual Attention,” Seeing, K. De Valois, ed., pp. 335-386, Academic Press, 2000.