Text-based passwords alone are subject to dictionary attacks as users tend to choose weak passwords in favor of memorability, as well as phishing attacks. Many recognition-based graphical password schemes alone, in order to offer sufficient security, require a number of rounds of verification, introducing usability issues. We suggest a hybrid user authentication approach combining text passwords, recognition-based graphical passwords, and a two-step process, to provide increased security with fewer rounds than such graphical passwords alone. A variation of this two-step authentication method, which we have implemented and deployed, is in use in the real world. © 2009 Springer Berlin Heidelberg.
Van Oorschot, P. C., & Wan, T. (2009). TwoStep: An authentication method combining text and graphical passwords. In Lecture Notes in Business Information Processing (Vol. 26 LNBIP, pp. 233–239). Springer Verlag. https://doi.org/10.1007/978-3-642-01187-0_19