A GRAPHICAL PASSWORD AUTHENTICATION SYSTEM

Abstract

The present invention relates to a graphical password authentication system and method through the images. The system comprises a bucket mechanism that lets users organize images into one of three buckets or leave them unassigned, a display unit to enter the email address and cell phone number of the users, a middleware decodes the token to show the actual values of the buckets and images, and a cloud based data storage to store the user information. According to method, initial user inputs their email address and cell phone number, user selects several picture and bucket combinations in addition to an image sequence, after being hashed, the user's email address and password are both kept in a database. At the time of login in to the system, user needs to provide their registered email address and mobile number. The graphical password authentication system provides a higher level of security and usability than traditional password systems. Using a series of 16 randomly selected photos from three distinct categories, the system makes it harder for attackers to automate the process by changing the images' positions with each refresh. Since images are more unpredictable and difficult to figure out, using them as passwords offers better defense against dictionary attacks than text-based ones. Every image is represented by a JSON Web Token (JWT), and each JWT's actual value is stored on the server. A middleware on the backend converts the JWT into the picture's actual value. To maximize the amount of patterns that may be made, the system include the concept of buckets, allowing users to select images without placing them in any bucket or place them in one of three buckets. Due to the bucket concept's quadrillions of potential patterns, password guessing by hackers is nearly impossible. In the digital era, security and privacy are more important than ever, and traditional password management techniques are no longer a sufficient line of defense against hacker attacks. Passwords are readily subject to phishing scams and brute force attacks, which can lead to major data breaches with disastrous consequences for individuals and organizations alike. The present developed a new graphical password authentication system which is more secure and user-friendly than traditional password systems.

Specification

Description:Field of the Invention
The present invention relates to the graphical passwords authentication, especially to a graphical password authentication system and method that uses visuals and token-based authentication system to provide a greater level of protection against attacks.
Background of the Invention
Data security has become a major issue in the rapidly changing digital world because of incomprehensible growth of technology and internet usage. Sadly, passwords-a popular form of authentication-are simple to steal or hack, leaving private information vulnerable to attackers' whims. A far more secure and impenetrable authentication method is now needed to safeguard against the fraudulent operations of hostile hackers and preserve the integrity of sensitive data. To address this issue, we have developed a graphical password authentication (GPA) solution. The goal of our graphical password authentication solution, Authguard, is to provide a safer and more convenient option for traditional password-based authentication. Below is a list of these:
• This innovation is more user-friendly and secure graphical password authentication solution is offered. For individuals and companies looking to improve their cybersecurity posture, it's an easy-to-use substitute.
• This solution effectively mitigates the increasing threat of sophisticated cyberattacks by offering a straightforward and safe means of safeguarding personal information.
• For every image, a JSON Web Token (JWT) is used, and the actual value of each JWT is preserved by the server. A middleware on the backend transforms the JWT into the actual value of the image.
• Moreover, the system introduces the use of buckets, enabling users to select images to place into one of three buckets or opt to leave images outside any bucket. This increases the number of potential password patterns significantly, making it highly challenging for hackers to crack the password.
Sivakumar, M. et al. (2021), presents a novel graphical password authentication technique based on visual cryptography and honeycomb encryption. The authors assess the system's security against a range of threats and detail its architecture and implementation. They also go over the system's benefits and drawbacks and offer suggestions for more study.
Lee, J. H., Alam, M. S., & Chowdhury, M. U. (2019), presents a novel method for human authentication combining wearable technology and graphical passwords. The system's design and implementation are explained by the writers, who also assess the system's usefulness and security against several types of assaults. They also go over the system's benefits and drawbacks and offer suggestions for more study.
Zhang, H., Han, X., Wang, Y., & Zhao, F. (2020), suggests a more secure graphical password authentication technique that takes into account the cognitive traits of the user. The system's design and implementation are explained by the writers, who also assess the system's defenses against different types of attacks. They also go over the system's benefits and drawbacks and offer suggestions for more study.
Kim, H., & Kim, Y. (2021), suggests a graphical password authentication technique based on adversarial assaults and deep learning. The system's architecture, implementation, and security against several threats are all described by the authors. They also go over the system's benefits and drawbacks and offer suggestions for more study.
Arora, K., Bansal, N., & Gupta, P. (2020), suggests a graphical password authentication technique based on adversarial assaults and deep learning. The system's architecture, implementation, and security against several threats are all described by the authors. They also go over the system's benefits and drawbacks and offer suggestions for more study.
Enhancing Security and Usability of Graphical Passwords using Multimodal Biometrics. Journal of Ambient Intelligence and Humanized Computing, 11(11), 5017-5031, presents a novel graphical password authentication system utilizing multimodal biometrics. The system's design and implementation are described by the writers, who also assess the system's usefulness and security against several types of assaults.
Drawings
Figure 1: Process of implementation of Developed System
Detailed Description of the Invention
The following description includes the preferred best mode of one embodiment of the present invention. It will be clear from this description of the invention that the invention is not limited to these illustrated embodiments but that the invention also includes a variety of modifications and embodiments thereto. Therefore, the present description should be seen as illustrative and not limiting. While the invention is susceptible to various modifications and alternative constructions, it should be understood, that there is no intention to limit the invention to the specific form disclosed, but, on the contrary, the invention is to cover all modifications, alternative constructions, and equivalents falling within the spirit and scope of the invention as defined in the claims.
In any embodiment described herein, the open-ended terms "comprising," "comprises," and the like (which are synonymous with "including," "having" and "characterized by") may be replaced by the respective partially closed phrases "consisting essentially of," consists essentially of," and the like or the respective closed phrases "consisting of," "consists of, the like. As used herein, the singular forms "a", "an", and "the" designate both the singular and the plural, unless expressly stated to designate the singular only.
The present invention developed and tested a graphical password authentication system that is secure and easy to use, suitable for a range of platforms and industries.
The graphical password authentication system comprises a bucket mechanism that lets users organize images into one of three buckets or leave them unassigned, a display unit to enter the email address and cell phone number of the users, a middleware decodes the token to show the actual values of the buckets and images, and a cloud based data storage to store the user information.
The method of the present invention includes the following steps:
1. In addition, the system uses a bucket mechanism that lets users organize images into one of three buckets or leave them unassigned. This approach greatly expands the range of possible password combinations, making it exceptionally tough for hackers to break the password.
2. User inputs their email address and cell phone number. These are the standard particulars required for most registration processes.
3. User selects several picture and bucket combinations in addition to an image sequence. Giving each customer a unique and customized registration experience is the goal of this phase. To prove they're a real person and not a robot, the user has to solve a visual puzzle consisting of pictures and buckets.
A middleware decodes the token to show the actual values of the buckets and images that the user has chosen. This middleware receives the token from the frontend and applies the same cryptographic technique to return it to the original values of the buckets and photos. This allows the middleware to compare the user's selections with the initial values to determine whether the user has successfully solved the visual puzzle.
4. After being hashed, the user's email address and password are both kept in a database. By using a method known as password hashing, a plaintext password can be transformed into a difficult-to-decipher scramble. Because of this, even if the database is compromised, attackers will get it difficult to decipher the passwords.
A. Two-factor authentication is utilized to verify the user's mobile number. This additional security precaution helps shield the user's account from unauthorized access. A 4-digit OTP is generated using the user's mobile number.
B. This OTP is often sent to the user's mobile device via SMS.
C. The OTP record is automatically deleted after two minutes for security purposes. This is carried out to prevent hackers from intercepting the OTP and using it to get access to the user's account. Once the OTP has expired, it is impossible to verify the user's identity.
D. After entering the correct OTP into the system, the user can successfully register. This proves that the user owns the account in its whole and that they can access the mobile device that is connected to it. Once the user has successfully completed all registration procedures, they can access the website or application by logging in with their email address and password.
5. When attempting to log in to the system, the user needs to provide their registered email address and mobile number. This is the first stage in the login process and verifies that the user is trying to access the correct account.
6. After providing their email address and mobile number during the registration process, the user is asked to input the correct sequence of the photos they previously picked. This serves as the user's password and ensures that the only person able to log in is the one who accurately selected the photo order. The system utilizes the bucket and image values that were previously recorded and used to construct the token during registration to compare the user's selection with those values.
7. The user will gain access to the system upon entering the correct credentials. The software will validate the provided email address, mobile phone number, and the sequence of image selections. If all the credentials match, the system will authenticate the user and grant access to their account.
8. If the user enters invalid credentials, they won't be able to access their account. When the system detects that the user entered incorrect information, they will be asked to try again. If, after a specific number of attempts, the user still enters wrong information, the system may temporarily freeze the account to stop unauthorised access.
The developed system utilizes the bucket and image values that were previously recorded and used to construct the token during registration to compare the user's selection with those values.
• This innovation will verify the user's credentials and grant them access to their account if everything is accurate.
• If the user enters invalid credentials, they won't be able to access their account. When the system detects that the user entered incorrect information, they will be asked to try again. If, after a specific number of attempts, the user still enters wrong information, the system may temporarily freeze the account to stop unauthorised access.

, Claims:1. A graphical password authentication system, comprises of: a bucket mechanism that lets users organize images into one of three buckets or leave them unassigned, a display unit to enter the email address and cell phone number of the users, a middleware decodes the token to show the actual values of the buckets and images, and a cloud based data storage to store the user information.
2. The graphical password authentication system as claimed in the claim 1, wherein the method comprises the following steps:
• Enabling the user to organize images into one of three predefined "buckets" or leave them unassigned, thereby expanding the range of possible password combinations and increasing the difficulty for attackers to break the password;
• Prompting the user to input their email address and mobile number as part of the standard registration process;
• Allowing the user to select a combination of images and buckets, along with a specific image sequence, as part of a customized registration experience, and requiring the user to solve a visual puzzle consisting of images and buckets to demonstrate they are a human and not a bot;
• Using middleware to decode the token representing the user's image and bucket selections, where the middleware applies a cryptographic technique to convert the token back to its original values and compares the user's selections with the stored values to verify that the user has successfully solved the visual puzzle;
• Hashing and storing the user's email address and password in a database using password hashing techniques to protect the user credentials from being deciphered, even in the event of a database compromise;
• Using two-factor authentication to verify the user's mobile number by generating a one-time password (OTP) based on the user's mobile number;
a. Sending the OTP to the user's mobile device via SMS;
b. Automatically deleting the OTP record after a set time period, such as two minutes, to prevent interception by unauthorized parties and to prevent access to the user's account with an expired OTP;
• Verifying the user's identity by requiring the correct OTP to complete the registration process, thereby confirming the user owns the account and can access the associated mobile device;
• Allowing the user to log in by providing their registered email address and mobile number as the initial verification step;
• Requiring the user to input the correct image sequence they previously selected during the registration process, where the image sequence acts as the password, and using the stored bucket and image values to compare the user's selections with the original values to verify the user's identity;
• Granting the user access to the system if the provided email address, mobile number, and image sequence match the stored values, thereby authenticating the user and granting access to their account;
• If the credentials entered by the user are invalid, denying access and prompting the user to retry, and after a specified number of failed attempts, temporarily freezing the account to prevent unauthorized access.
3. The graphical password authentication system as claimed in the claim 1, wherein system addressing the shortcomings of traditional password-based authentication systems, including the difficulty of creating and remembering complex passwords and the potential for users to share or use weak passwords.

Documents