Securing graphical user password using multi-grid technique from shoulder surfing attack / Leila Ghasemi Sabet

Graphical password is a possible solution for text- based password, forced particularly by the fact that humans can remember pictures better than texts. Based on previous researches in the graphical password techniques especially recall-based techniques we had some problems from security point of view. For security in graphical password, there are some attacks such as shoulder surfing, and brute force. Shoulder surfing is one of the major attacks; it means this project must cover the shoulder surfing attacks for making the algorithms more secure. This project will use a multi grid technique that allows user to log into the system in a way that the password is difficult to be guessed by the attacker. It is done by changing the size of grids in each try dynamically. This means in each login try, the user can see a grid with different number of rows and columns. The size of grids is determined randomly by the system. This project is designed as a new prototype and then evaluated the security features in the University Collage Sedaya International (UCSI), and then the user's reaction about the whole system and the security facial appearance of the graphical password prototype are explored. Results are collected and analyzed. The comparison between fixed grid technique and new multi grid technique is done and results proved that the new technique is doing better than the fixed grid technique in terms of shoulder surfing attacks while attacker has multiple chances to uncover the graphical password.