Against Spyware Using CAPTCHA in Graphical Password Scheme
This addresses security issues in graphical passwords for users, but it is incremental as it builds on existing schemes with CAPTCHA integration.
The paper tackles the vulnerability of graphical password schemes to spyware attacks by proposing a new scheme that integrates CAPTCHA to significantly increase adversary costs, though initial experiments indicate usability needs improvement.
Text-based password schemes have inherent security and usability problems, leading to the development of graphical password schemes. However, most of these alternate schemes are vulnerable to spyware attacks. We propose a new scheme, using CAPTCHA (Completely Automated Public Turing tests to tell Computers and Humans Apart) that retaining the advantages of graphical password schemes, while simultaneously raising the cost of adversaries by orders of magnitude. Furthermore, some primary experiments are conducted and the results indicate that the usability should be improved in the future work.