Picture-based password has been proposed as an alternative authentication method to replace text-based password. Ensuring the security of picture-based password is not a simple task as picture-based objects are a lot easier to access and remember and can thus be easily guessed. In particular, shoulder surfing attack still remains as the main security threat encountered by many picture-based password authentication schemes, especially in drawmetric authentication scheme. In this paper, a novel shoulder surfing resistance mechanism has been proposed and evaluated. The proposed mechanism utilises penup event and neighbouring connectivity manipulation into a revised Background Pass-Go scheme. From the evaluation result, it has proven that the proposed mechanism achieves better results in resisting shoulder surfing attack while, at the same time, allowing a larger password space.
Available at: http://works.bepress.com/misslaiha_matkiah/2/