An Enhanced Graphical Authentication Scheme Using Multiple-Image Steganography

Abstract

Most remote systems require user authentication to access resources. Text-based passwords are still widely used as a standard method of user authentication. Although conventional text-based passwords are rather hard to remember, users often write their passwords down in order to compromise security. One of the most complex challenges users may face is posting sensitive data on external data centers that are accessible to others and do not be controlled directly by users. Graphical user authentication methods have recently been proposed to verify the user identity. However, the fundamental limitation of a graphical password is that it must have a colorful and rich image to provide an adequate password space to maintain security, and when the user clicks and inputs a password between two possible grids, the fault tolerance is adjusted to avoid this situation. This paper proposes an enhanced graphical authentication scheme, which comprises benefits over both recognition and recall-based graphical techniques besides image steganography. The combination of graphical authentication and steganography technologies reduces the amount of sensitive data shared between users and service providers and improves the security of user accounts. To evaluate the effectiveness of the proposed scheme, peak signal-to-noise ratio and mean squared error parameters have been used.