The text-based password has been the default security medium for years. However, the difficulty of memorizing secure strong passwords often leads to insecure practices. In this fast computer era, the Internet users are increasing on each second. Now mostly people are using different online service provided by Banks, Schools, Hospitals, online utility bill payment and online shopping sites. The text-based authentication scheme faces some drawbacks with usability and security issues that bring troubles to users. For example, if the user is not intelligently constructed the password with extra security measures, it is very easy for hacker to hack. On the contrary, if a password is hard to guess, then it is often hard to remember. A person has to memorize as many passwords as many different websites he/she is using. So he/she gets confused and/or forgets the correct user Id/password combinations. We should have an alternative system to overcome these problems. In this paper, a comprehensive study of existing graphical password scheme and shoulder surfing problem is performed. The best way in One Time Password authentication is proposed for enhancement in security and privacy.

One Time Password (OTP), Authentication, Usability, Security, Shoulder Surfing

[1] http://rroij.com/open-access/an-approach-for-user-authentication-one-time-password-numeric-and-graphical-scheme-54-57.php?aid=37786
[2] A. Adams and M. A. Sasse, “Users are not the enemy: why users compromise computer security mechanisms and how to take remedial measures”, Communications of the ACM, Volume-42, Page No (41-46), 1999.
[3] Pavan Gujjar Panduranga Rao, Dr.G. Lavanya Devi and Dr.P.Srinivasa Rao, “A Study of Various Graphical Passwords Authentication Schemes Using Ai Hans Peter Wickelgren Approach” , Volume-10, Issue-6, Page No (6), May-Jun 2013.
[4] Brajesh Kumar Kushwaha, “AN APPROACH FOR USER AUTHENTICATION ONE TIME PASSWORD (NUMERIC AND GRAPHICAL) SCHEME”, Journal of Global Research in Computer Science, Volume-3, Page No (1), Nov 11, 2012.
[5] Mohite Sandhya, Kare Rohini, Bhongale Pooja, Bhosale Priyanka, “Graphical Password Authentication using Modified Persuasive Cued Click-Point”, International Journal of Computer Science Engineering (IJCSE), Volume-2, Page No (2), Mar 2, 2015.
[6] Jesudoss A., Subramaniam N.P., “A SURVEY ON AUTHENTICATION ATTACKS AND COUNTERMEASURES IN A DISTRIBUTED ENVIRONMENT”, Indian Journal of Computer Science and Engineering (IJCSE), Volume-5, No.-2, April-May 2014.
[7] http://www.bioinfo.in/uploadfiles/13476885341_1_2_WRJHCI.pdf
[8] Saranya Ramanan and Bindhu J S, “A Survey on Different Graphical Password Authentication Techniques”, Volume-2, Page No (7), Dec 12, 2014.