We proposes a novel recognition-based image authentication system, named “AwaseE”. The features of the system are that it uses user’s personal photo collection, and it also introduces a “no answer” case in a verification of an authentication trial. Using the web-based prototype system, exploratory user experiments on feasibility and vulnerability were conducted. From the experiments on feasibility, it was clearly shown that Awase-E with personal photos are easy to memorize and recall for a long period of time, and its level is almost same as an authentication with a 4 digit number. Moreover, people do not forget or confuse them after updating to new pass-images. There is, however, some degree of vulnerabilities to a guess attack. We also discuss a security level of the Awase-E against various attack methods, and conclude that the Awase-E improves the security against them both traditional attack methods and attack methods that are specialized for a recognition-based authentication.
No comments:
Post a Comment