| Peer-Reviewed

Pixel Value Graphical Password Scheme: Fake Passpix Attempt on Hexadecimal Password Style

Received: 5 December 2018     Published: 6 December 2018
Views:       Downloads:
Abstract

Early design of graphical password scheme solved the strong alphanumeric password deficiencies in term of hard to memorized, but they was exposed to password shoulder surfing and complicated to produced even by the legitimate users. Motivated to solve the problems, pixel value graphical password scheme was developed in 2012 where it require user to load any their desired digital image as their password. The term Passpix is referring to the pixel value that extracted from the loaded image file derived from the words password pixel. Pixel value in the form of RGB color strength could be representing as 3-octets 8-bits color code (0 to 255) or Hexadecimal code (000000 to FFFFFF) produced 16,777,216 combinations. Pixel value graphical password increases the password strength by implementing two-dimensional 8 by 8 grid extraction that increases the password strength to 1,073,741,824 combinations. It would result the password could be long or super long. Currently, pixel value graphical password scheme using the 8-bits color code as the pixel value and password that stored into database which could produce up to 576 characters. This would be require more storage capacity to store the password that brings into a suggestion to extracting the pixel value using hexadecimal code which produced 384 characters only. Further study on that idea it is found that the number of password characters did not brings a significant impact on-disk data size and it is easy information to construct a fake Passpix which is discussed further in this paper. This paper is organized into 5 sections where the background and concept of pixel value graphical password scheme is introduced in section 1. Section 2 of this paper is describing the password style of pixel value graphical password. The fake Passpix reconstruction is briefly explained in section 3 and section 4 is discussed further about the fake Passpix findings. The conclusion of this study can be found in section 5 and at the end of this paper, there are list of several references used in this study. Hopefully this paper will brings major contribution for safer pixel value graphical password scheme.

Published in International Journal of Information and Communication Sciences (Volume 3, Issue 3)
DOI 10.11648/j.ijics.20180303.14
Page(s) 104-109
Creative Commons

This is an Open Access article, distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium or format, provided the original work is properly cited.

Copyright

Copyright © The Author(s), 2018. Published by Science Publishing Group

Keywords

Pixel Value, Graphical Password, Passpix, RGB Color Scheme, 8-Bits Color Code, Hexadecimal Color Code

References
[1] M. A. M. Shukran and M. S. F. M. Yunus, “Pixel Value Graphical Password Scheme” PI 2013003261 Malaysia, 2015
[2] G. E. Blonder, “Graphical password” 5,559,961 Washington D. C., United State of America, 2015
[3] S. Chiasson, A. Forget, R. Biddle, and P. C. van Oorschot (2009). “User interface design affects security: Patterns in click-based graphical passwords,” International Journal of Information Security, vol 8, pp 387, 2015
[4] Malaysian Banking Berhad, “M2U new enhanced Security Features. Maybank 2 U,” [Online] https://www.maybank2u.com.my.
[5] A. F. Syukri, E. Okamoto and M. Mambo, “A user identification system using signature written with mouse,” Australasian Conference on Information Security and Privacy, vol. 13, pp. 403-414, July 2015. [Springer, Berlin, Heidelberg]
[6] H. Tao, “Pass-Go, a new graphical password scheme” Doctoral dissertation, University of Ottawa (Canada), 2017.
[7] L. Sobrado and J. C. Birget, “Graphical passwords,” The Rutgers Scholar, an electronic Bulletin for undergraduate research, vol. 4, pp. 12-18, 2016.
[8] R. Biddle, S. Chiasson and P. C. Van Oorschot, “Graphical passwords: Learning from the first twelve years” ACM Computing Surveys (CSUR), vol. 44, p. 19, 2015
[9] M. A. M. Shukran, M. S. F. M. Yunus, W. S. S. Shariff, M. S. Ariffin and K. Maskat, “Pixel Value Graphical Password Scheme: Identifying Design Features and Requirements,” Applied Mechanics and Materials, Vol. 548, pp. 1561-1565, 2014, Trans Tech Publications.
[10] “HTML Color Codes,” [Online] https://htmlcolorcodes.com/, September 3, 2015.
[11] M. S. F. M. Yunus, “Dynamic Analysis on Pixel Value Graphical Password Scheme,” Master dissertation, National Defense University of Malaysia, 2016.
Cite This Article
  • APA Style

    Mohd ‘Afizi Bin Mohd Shukran, Mohd Sidek Fadhil Bin Mohd Yunus. (2018). Pixel Value Graphical Password Scheme: Fake Passpix Attempt on Hexadecimal Password Style. International Journal of Information and Communication Sciences, 3(3), 104-109. https://doi.org/10.11648/j.ijics.20180303.14

    Copy | Download

    ACS Style

    Mohd ‘Afizi Bin Mohd Shukran; Mohd Sidek Fadhil Bin Mohd Yunus. Pixel Value Graphical Password Scheme: Fake Passpix Attempt on Hexadecimal Password Style. Int. J. Inf. Commun. Sci. 2018, 3(3), 104-109. doi: 10.11648/j.ijics.20180303.14

    Copy | Download

    AMA Style

    Mohd ‘Afizi Bin Mohd Shukran, Mohd Sidek Fadhil Bin Mohd Yunus. Pixel Value Graphical Password Scheme: Fake Passpix Attempt on Hexadecimal Password Style. Int J Inf Commun Sci. 2018;3(3):104-109. doi: 10.11648/j.ijics.20180303.14

    Copy | Download

  • @article{10.11648/j.ijics.20180303.14,
      author = {Mohd ‘Afizi Bin Mohd Shukran and Mohd Sidek Fadhil Bin Mohd Yunus},
      title = {Pixel Value Graphical Password Scheme: Fake Passpix Attempt on Hexadecimal Password Style},
      journal = {International Journal of Information and Communication Sciences},
      volume = {3},
      number = {3},
      pages = {104-109},
      doi = {10.11648/j.ijics.20180303.14},
      url = {https://doi.org/10.11648/j.ijics.20180303.14},
      eprint = {https://article.sciencepublishinggroup.com/pdf/10.11648.j.ijics.20180303.14},
      abstract = {Early design of graphical password scheme solved the strong alphanumeric password deficiencies in term of hard to memorized, but they was exposed to password shoulder surfing and complicated to produced even by the legitimate users. Motivated to solve the problems, pixel value graphical password scheme was developed in 2012 where it require user to load any their desired digital image as their password. The term Passpix is referring to the pixel value that extracted from the loaded image file derived from the words password pixel. Pixel value in the form of RGB color strength could be representing as 3-octets 8-bits color code (0 to 255) or Hexadecimal code (000000 to FFFFFF) produced 16,777,216 combinations. Pixel value graphical password increases the password strength by implementing two-dimensional 8 by 8 grid extraction that increases the password strength to 1,073,741,824 combinations. It would result the password could be long or super long. Currently, pixel value graphical password scheme using the 8-bits color code as the pixel value and password that stored into database which could produce up to 576 characters. This would be require more storage capacity to store the password that brings into a suggestion to extracting the pixel value using hexadecimal code which produced 384 characters only. Further study on that idea it is found that the number of password characters did not brings a significant impact on-disk data size and it is easy information to construct a fake Passpix which is discussed further in this paper. This paper is organized into 5 sections where the background and concept of pixel value graphical password scheme is introduced in section 1. Section 2 of this paper is describing the password style of pixel value graphical password. The fake Passpix reconstruction is briefly explained in section 3 and section 4 is discussed further about the fake Passpix findings. The conclusion of this study can be found in section 5 and at the end of this paper, there are list of several references used in this study. Hopefully this paper will brings major contribution for safer pixel value graphical password scheme.},
     year = {2018}
    }
    

    Copy | Download

  • TY  - JOUR
    T1  - Pixel Value Graphical Password Scheme: Fake Passpix Attempt on Hexadecimal Password Style
    AU  - Mohd ‘Afizi Bin Mohd Shukran
    AU  - Mohd Sidek Fadhil Bin Mohd Yunus
    Y1  - 2018/12/06
    PY  - 2018
    N1  - https://doi.org/10.11648/j.ijics.20180303.14
    DO  - 10.11648/j.ijics.20180303.14
    T2  - International Journal of Information and Communication Sciences
    JF  - International Journal of Information and Communication Sciences
    JO  - International Journal of Information and Communication Sciences
    SP  - 104
    EP  - 109
    PB  - Science Publishing Group
    SN  - 2575-1719
    UR  - https://doi.org/10.11648/j.ijics.20180303.14
    AB  - Early design of graphical password scheme solved the strong alphanumeric password deficiencies in term of hard to memorized, but they was exposed to password shoulder surfing and complicated to produced even by the legitimate users. Motivated to solve the problems, pixel value graphical password scheme was developed in 2012 where it require user to load any their desired digital image as their password. The term Passpix is referring to the pixel value that extracted from the loaded image file derived from the words password pixel. Pixel value in the form of RGB color strength could be representing as 3-octets 8-bits color code (0 to 255) or Hexadecimal code (000000 to FFFFFF) produced 16,777,216 combinations. Pixel value graphical password increases the password strength by implementing two-dimensional 8 by 8 grid extraction that increases the password strength to 1,073,741,824 combinations. It would result the password could be long or super long. Currently, pixel value graphical password scheme using the 8-bits color code as the pixel value and password that stored into database which could produce up to 576 characters. This would be require more storage capacity to store the password that brings into a suggestion to extracting the pixel value using hexadecimal code which produced 384 characters only. Further study on that idea it is found that the number of password characters did not brings a significant impact on-disk data size and it is easy information to construct a fake Passpix which is discussed further in this paper. This paper is organized into 5 sections where the background and concept of pixel value graphical password scheme is introduced in section 1. Section 2 of this paper is describing the password style of pixel value graphical password. The fake Passpix reconstruction is briefly explained in section 3 and section 4 is discussed further about the fake Passpix findings. The conclusion of this study can be found in section 5 and at the end of this paper, there are list of several references used in this study. Hopefully this paper will brings major contribution for safer pixel value graphical password scheme.
    VL  - 3
    IS  - 3
    ER  - 

    Copy | Download

Author Information
  • Faculty of Defence Science and Technology, Universiti Pertahanan Nasional Malaysia, Kuala Lumpur, Malaysia

  • Faculty of Defence Science and Technology, Universiti Pertahanan Nasional Malaysia, Kuala Lumpur, Malaysia

  • Sections