Enhance Graphical Password Authentication using One Time pad

Abstract

The authentication is one of the top topics in security field, therefore many methods were provided, and the most famous method is text password. It has been used for decades but stills sensible for many attacks and has many drawbacks, because of all these security issues a new method must be provided to resists the security problems and accomplish the protection of user’s data. In nineties, a new type of password provided called graphical password, which is using the Images or part of these images as password but also graphical password is vulnerable for many security attacks. The proposed system was provided and implemented in this thesis, has many different features for resist different security attacks by using combination of text and graphical password and one time password. The system has two phases, login and registration phase, login phase is consisting of two phases of authentication. First phase is entering username and text password with data encryption using RSA (Rivest-Shamir-Adleman) cipher, the second phase is graphical password using recognition based graphical password method which using images as password and recognize these images in login phase, then using one time password which is sends as SMS (Short messages services) to user’s cell phone, if success then the user can log in the system, otherwise logged out. In registration phase, the user enters the required information then upload and selects at least three images as graphical password. By implement and design this system, decrease the unauthorized access to the system and it is resistible for many security attacks, therefore it is secure and complicated for attackers to break or log in to the system without have the proper privileges, and also it is user friendly and not tedious process to the user.