[go: up one dir, main page]

GB2482886A - Graphical password for controlling access - Google Patents

Graphical password for controlling access Download PDF

Info

Publication number
GB2482886A
GB2482886A GB201013814A GB201013814A GB2482886A GB 2482886 A GB2482886 A GB 2482886A GB 201013814 A GB201013814 A GB 201013814A GB 201013814 A GB201013814 A GB 201013814A GB 2482886 A GB2482886 A GB 2482886A
Authority
GB
United Kingdom
Prior art keywords
passcode
security system
improved security
user
graphical element
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB201013814A
Other versions
GB201013814D0 (en
Inventor
Brian Harry Taylor
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to GB201013814A priority Critical patent/GB2482886A/en
Publication of GB201013814D0 publication Critical patent/GB201013814D0/en
Publication of GB2482886A publication Critical patent/GB2482886A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

A security system for controlling access to local and remote systems, where access is subject to verification of a graphical password or passcode. The passcode comprises a number of elements, and at least one element is selected or input by choosing an area (pixel) of a graphical image, icon, or symbol. The passcode might be chosen by selecting a sequence of pixels (parts/portions/segments/regions) of the image, which will generate a number of passcode digits. Reselecting an identical pixel each time may prove challenging, and thus there may be an acceptable region around the pixel allowing the user a small margin of error. The initially generated passcode may be encrypted and stored in the data storage of the system. This system may be more secure than an alphanumeric password, and the sequence of portions of an image may be easier to remember than a combination of username and password.

Description

Improved Security System for Controlling Local and Remote Access This invention relates to improved security for access to local or remote electronic resources.
It is common practice for certain resources particularly those made available over the internet to be protected by way of, for example a passcode, which has to be entered by a user to gain access to the resource. The necessity for such protection is amply demonstrated the ever increasing levels of online fraud and theft.
A passcode comprising alpha-numeric characters chosen by a user or provider of the resources is commonly used to provide security of access to the desired resource. However, such alpha-numeric passcodes can give rise to problems insofar as they are easily forgotten and, since passcode security is provided on almost any secure resource, it is difficult to remember multiple sets of usernames and passcodes for each resource desired to be accessed. Given this problem, many users use the same or very similar usernames and passcodes for multiple resources which compromises security.
Furthermore, there are commercially available software tools which enable relatively easy retrieval of such passcodes via robotic word and number generation.
Alternative methods of providing security are being developed and the use of graphical images to be used as at least a part of the passcode is an active area of research globally and is based upon the belief that users will be better able to remember graphical elements, making it more likely that users will use the resources more regularly since the difficulty in remembering the username/passcode is minimised.
The present Applicant has realised that it is possible to render the increased security afforded by graphical elements as part or all of the protection afforded to a resource, to deliver a very secure system which would require many billions of computations to overcome the passcode formed by it.
Accordingly, it is an object of the present invention to provide a security system for local or remote resources which utilises graphical elements and/or an image or images as at least a part of a secure passcode to access particular resources.
Thus and in accordance with the present invention there is provided an improved security system for controlling access to local and remote resources comprising a means for receiving one or more user defined passcode elements, said elements being conjoined to provide a single passcode and being capable of comparison with the element's entered by a user which upon verification allow access to the requested resources wherein at least one element making up the passcode is in graphical form.
With such a system, it will be appreciated that the security is enhanced through use of one or more graphical elements as a part of the passcode for access to a particular resource.
In a preferred embodiment, the graphical element of the passcode can be divided into a number of selected or designated areas, each such area being associated with a particular passcode element such that by selecting a specific area of the graphical element, most preferably in a particular sequence, provides a very secure system.
The invention will now be described further by way of example only and with reference to the accompanying drawings, in which: Figure i shows a schematic representation of the mechanistic principles of operation of the system.
The arrangement of the present invention comprises an interactive application in which secure passcodes can be generated via user interaction with a selected image within the graphical interface of the system.
The invention is capable of electronic communication with a variety of external or remote systems so that electronic access to said systems is permitted on the basis of the user providing the appropriate passcode via the graphical interface of the invention.
Figure i shows a schematic representation of the components of the invention.
On launching the application, a user is presented with a logon launch display showing relevant information about the specific version of the application, such as for example, version and product identification numbers. Said logon launch then guides the user through to the main interface, referred to in the present example as the "Entry Guard", which guides the user through the process of establishing and managing passcodes using the graphical representation.
The "Access Point" represents the part of the graphical interface that allows the user to select an image to use as the basis from which to formulate a passcode via pixel selection within the image.
This aspect of the invention allows the user to formulate a specific passcode by clicking on a number of pixels in sequence within the selected image. The number of clicks, sequence and thus number of pixels selected is variable and can be customised by the user and each pixel selected will generate a number of passcode digits, thus resulting in the formation ofa passcode via an image within the graphical interface of the application. In the present example, the range of mouse clicks that can be used to generate a passcode is 1-7, with each click generating 6 digits of passcode. It is of course to be understood that this is intended by way of example only and does not in any way restrict the ability of the invention to extend beyond this scope.
The user is also able to customise other options within the application via a "Tools Control", such as for example, the size of the target area surrounding the appropriate part of the image that forms the passcode. In this respect, it has been identified that the ability to reselect an identical pixel each time the passcode is required may prove challenging and thus the ability to specify an acceptable region instead allows the user a small margin of error. It can be seen therefore, that this particular feature of the invention accommodates inevitable human error, without compromising the security features of the application and thus improves the practical application of the invention.
Once the user has generated the passcode via an image within the application, the application is capable of storing the passcodes securely within the "Data Store" mechanism so that the appropriate passcode may be used with the appropriate log-in screen on an external or remote system or application.
The invention also comprises a "Bespoke Encryption" feature that further encrypts the passcode generated initially by the pixel selection performed by the user and stored in the data store porlion of the system, thus further enhancing the security features of the invention.
The "Image Store" aspect of the system communicates directly with the "Data Store" portion and provides the source graphic used to generate the passcode. This feature of the system enables the passcode to be amended if appropriate, whilst still retaining the original image that the user had selected. This property of the system allows for a vast quantity of passcode combinations to be generated from one image alone.
The "Application Launch" interface of the system communicates electronically with a local or remote application and displays an access-controlled mechanism via the graphical interface. Said mechanism is capable of communicating with the invention in order that when requested, the user is able to enter the appropriate passcode sequence by clicking the correct pixels within the appropriate image, thus allowing the user access to the application in question.
It is of course to be understood that the invention is not intended to be restricted to the details of the embodiments described above which are described by way of example only.

Claims (12)

  1. Claims 1. An improved security system for controlling local and remote resources comprising a means for receiving one or more user defined elements, said elements being conjoined to provide a single passcode and being capable of comparison with the elements entered by the user and upon which verification allows access to the requested resources wherein at least one element of the passcode is in graphical form.
  2. 2. An improved security system according to Claim 1 in which a graphical element of the passcode can be divided into a number of selected or designated areas, each such area being associated with a particular passcode element. Co
    Q
  3. 3. An improved security system according to Claim 1 or Claim 2 in that a specific area of the (0 graphical element provides a secure system.
  4. 4. An improved security system substantially as herein before described and with reference to the accompanying drawing.AMENDMENTS TO THE CLAIMS HAVE BEEN FILED AS FOLLOWSClaims 1. An improved security system for controlling local and remote resources comprising a means for receiving one or more user defined elements, said elements being conjoined to provide a single passcode and being capable of comparison with the elements entered by the user and upon which verification allows access to the requested resources wherein at least one element of the passcode is in graphical form.2. An improved security system according to Claim 1 in which a graphical element of the passcode can be divided into a number of selected or designated areas, each such area being associated with a particular passcode element. (\JQ 3. An improved security system according to Claim 1 or Claim 2 in that a specific area of the 0) graphical element provides a secure system.4. An improved security system for controlling access to local and remote resources comprising a means for receiving one or more user defined elements, said elements being conjoined to provide a single passcode and being capable of comparison with the elements entered by the user and upon which verification allows access to the requested resources wherein at least one element of the passcode is in graphical form.
  5. 5. An improved security system in accordance with any of Claims 1 to 4 wherein the passcode comprises at least one graphical element and at least one user-defined pixel selection capable of being embedded into said graphical element.
  6. 6. An improved security system in accordance with any of Claims 1 to 5 wherein said graphical element comprises at least one static image.
  7. 7. An improved security system in accordance with any of Claims 1 to 6 wherein said graphical element comprises at least one moving image.
  8. 8. An improved security system in accordance with any of Claims I to 7 wherein said graphical element comprises at least one video image.
  9. 9. An improved security system in accordance with any of Claims 1 to 8 wherein said system comprises encryption functionality, said encryption being operable to embed at least one user-defined pixel selection into a graphical element and wherein access to a resource will only be permitted upon entry of a correct passcode via the improved security system interface.
  10. 10. An improved security system in accordance with any of Claims 1 to 9 wherein upon setting a passcode, the original graphical element file is discarded and a subsequent graphical element file comprising embedded user-defined pixel selection data is formed and wherein (\J said subsequent graphical element file is then used by said improved security system to control access to a resource.
  11. 11. An improved security system in accordance with any of Claims 1 to 10 wherein said system automatically logs a user into a resource upon entering a correct passcode and wherein Q unlimited attempts at passcode entry are permitted.
  12. 12. An improved security system substantially as hereinbefore described and with reference to the accompanying drawing.
GB201013814A 2010-08-18 2010-08-18 Graphical password for controlling access Withdrawn GB2482886A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB201013814A GB2482886A (en) 2010-08-18 2010-08-18 Graphical password for controlling access

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB201013814A GB2482886A (en) 2010-08-18 2010-08-18 Graphical password for controlling access

Publications (2)

Publication Number Publication Date
GB201013814D0 GB201013814D0 (en) 2010-09-29
GB2482886A true GB2482886A (en) 2012-02-22

Family

ID=42938102

Family Applications (1)

Application Number Title Priority Date Filing Date
GB201013814A Withdrawn GB2482886A (en) 2010-08-18 2010-08-18 Graphical password for controlling access

Country Status (1)

Country Link
GB (1) GB2482886A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150006886A1 (en) * 2012-06-26 2015-01-01 Mojtaba Mojy Mirashrafi Secure user presence detection and authentication
CN108710805A (en) * 2018-05-25 2018-10-26 四川斐讯信息技术有限公司 Encryption method, decryption method and the storage device of storage device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0677801A1 (en) * 1994-04-04 1995-10-18 AT&T Corp. Graphical password
DE10024179A1 (en) * 2000-05-17 2001-11-22 Gero Decker Access control method acts as an alternative to existing password systems, etc. and uses selection of an area of a mathematical image, e.g. a fractal image, that is then used as a password type area to gain access
EP1380915A2 (en) * 2002-07-10 2004-01-14 Samsung Electronics Co., Ltd. Computer access control
EP2085908A2 (en) * 2008-02-02 2009-08-05 Mobinnova Corp Image password authentication system of portable electronic apparatus and method for the same
US20100037306A1 (en) * 2008-08-06 2010-02-11 Chi Mei Communication Systems, Inc. Electronic device and access control method thereof
US20100186074A1 (en) * 2009-01-16 2010-07-22 Angelos Stavrou Authentication Using Graphical Passwords

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0677801A1 (en) * 1994-04-04 1995-10-18 AT&T Corp. Graphical password
DE10024179A1 (en) * 2000-05-17 2001-11-22 Gero Decker Access control method acts as an alternative to existing password systems, etc. and uses selection of an area of a mathematical image, e.g. a fractal image, that is then used as a password type area to gain access
EP1380915A2 (en) * 2002-07-10 2004-01-14 Samsung Electronics Co., Ltd. Computer access control
EP2085908A2 (en) * 2008-02-02 2009-08-05 Mobinnova Corp Image password authentication system of portable electronic apparatus and method for the same
US20100037306A1 (en) * 2008-08-06 2010-02-11 Chi Mei Communication Systems, Inc. Electronic device and access control method thereof
US20100186074A1 (en) * 2009-01-16 2010-07-22 Angelos Stavrou Authentication Using Graphical Passwords

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150006886A1 (en) * 2012-06-26 2015-01-01 Mojtaba Mojy Mirashrafi Secure user presence detection and authentication
US9614827B2 (en) * 2012-06-26 2017-04-04 Intel Corporation Secure user presence detection and authentication
CN108710805A (en) * 2018-05-25 2018-10-26 四川斐讯信息技术有限公司 Encryption method, decryption method and the storage device of storage device

Also Published As

Publication number Publication date
GB201013814D0 (en) 2010-09-29

Similar Documents

Publication Publication Date Title
EP2836953B1 (en) Method and device for generating a code
US8140855B2 (en) Security-enhanced log in
EP3008654B1 (en) Gesture-based authentication without retained credentialing gestures
JP6721924B2 (en) Reminder terminal, control method thereof, and information recording medium
US20040230843A1 (en) System and method for authenticating users using image selection
KR20180048428A (en) Method for authenticating a user by means of a non-secure terminal
US10474807B2 (en) Password/encryption protection
US20170316187A1 (en) Systems and Methods for Creating and Sharing Protected Content
EP3644578B1 (en) Point and click authentication
US12153660B2 (en) Virtual keyboard CAPTCHA
CN105743860A (en) Method and device for converting characters
GB2482886A (en) Graphical password for controlling access
CN106663158B (en) Method, system, and device-readable medium for managing user data
KR102014408B1 (en) Method and computer program for user authentication using image touch password
US9613201B1 (en) Access control by a mobile device using an image
US9600678B1 (en) Image-based completely automated public turing test to tell computers and humans apart (CAPTCHA)
US10263972B1 (en) Authenticating by labeling
Al-Shqeerat An Enhanced Graphical Authentication Scheme Using Multiple-Image Steganography.
Rao et al. Secured Activity Based Authentication System
Khadka et al. Implementation of an Authentication System GTPass
KR101607300B1 (en) Apparatus for authenticating password using character image, method thereof and computer recordable medium storing the method
Wagh et al. Shoulder Surfing Resistant Text-based Graphical Password Scheme
Allawadhi et al. Virtual Consciousness from 3D to 4D Password: A Next Generation Security System Inspiration
CN114528530A (en) Application icon display method and device
CN115134473A (en) Image encryption method and device

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)