Web Application Authentication Using Visual Cryptography and Cued Clicked Point Recall-based Graphical Password


  • Mary Ogbuka Kenneth Department of Computer Science, Federal University of Technology, Minna, Nigeria
  • Stephen Michael Olujuwon Department of Cyber Security Science, Federal University of Technology, Minna, Nigeria




Alphanumerical usernames and passwords are the most used computer authentication technique. This approach has been found to have a number of disadvantages. Users, for example, frequently choose passwords that are simple to guess. On the other side, if a password is difficult to guess, it is also difficult to remember. Graphical passwords have been proposed in the literature as a potential alternative to alphanumerical passwords, based on the fact that people remember pictures better than text. Existing graphical passwords, on the other hand, are vulnerable to a shoulder surfing assault. To address this shoulder surfing vulnerability, this study proposes an authentication system for web-applications based on visual cryptography and cued click point recall-based graphical password. The efficiency of the proposed system was validated using unit, system and usability testing measures. The results of the system and unit testing showed that the proposed system accomplished its objectives and requirements. The results of the usability test showed that the proposed system is easy to use, friendly and highly secured.


Password authentication, Graphical password, Text password, Visual cryptography, Shoulder surfing, Key-logging


[1] P. G. Panduranga Rao, ‘A Study of Various Graphical Passwords Authentication Schemes Using Ai Hans Peter Wickelgren Approach’, IOSR J. Comput. Eng., vol. 10, no. 6, pp. 14-20, 2013. DOI: https://doi.org/10.9790/0661-1061420

[2] A. Karode, S. Mistry, and S. Chavan, ‘Graphical Password Authentication System’, Int. J. Eng. Res., vol. 2, no. 9, p. 4, 2013.

[3] L. Y. Por, C. S. Ku, A. Islam, and T. F. Ang, ‘Graphical password: prevent shoulder-surfing attack using digraph substitution rules’, Front. Comput. Sci., vol. 11, no. 6, pp. 1098-1108, Dec. 2017. DOI: https://doi.org/10.1007/s11704-016-5472-z

[4] A. Islam, ‘A review of the recognition-based graphical password’, p. 11, Jul. 2021.

[5] J. Rajesh, C. Durgesh, W. Milind, and K. Santosh, ‘Graphical Password Authentication system’, IJLTEMAS, vol. 3, p. 5, 2014.

[6] S. Istyaq and M. S. Umar, ‘Hybrid Authentication Scheme for Graphical Password Using QR Code and Integrated Sound Signature’, vol. 12, no. 2, p. 5, 2018.

[7] Mrs. A. S. Gokhale and V. S. Waghmare, ‘The Shoulder Surfing Resistant Graphical Password Authentication Technique’, Procedia Comput. Sci., vol. 79, pp. 490-498, 2016. DOI: https://doi.org/10.1016/j.procs.2016.03.063

[8] S. Shinde and U. H. Wanaskar, ‘Keylogging: A Malicious Attack’, Int. J. Adv. Res. Comput. Commun. Eng., vol. 5, no. 6, p. 5, Jun. 2016.

[9] M. K. Shah, D. Kataria, and S. B. Raj, ‘Real Time Working of Keylogger Malware Analysis’, Int. J. Eng. Res., vol. 9, no. 10, p. 5, 2020.

[10] C. Santwana and K. S. Aditya, ‘Hypervisor based Mitigation Technique for Keylogger Spyware Attacks’, vol. 5, p. 4, 2014.

[11] Y. S. Chuen, M. Al-Rashdan, and Q. Al-Maatouk, ‘GRAPHICAL PASSWORD STRATEGY’, J. Crit. Rev., vol. 7, no. 03, Jan. 2020. DOI: https://doi.org/10.31838/jcr.07.03.19

[12] A. Vaddeti, D. Vidiyala, V. Puritipati, R. B. Ponnuru, J. S. Shin, and G. R. Alavalapati, ‘Graphical passwords: Behind the attainment of goals’, Secur. Priv., vol. 3, no. 6, Nov. 2020. DOI: https://doi.org/10.1002/spy2.125

[13] A. H. Shnain and S. H. Shaheed, ‘The Use of Graphical Password to Improve Authentication Problems in E-Commerce’, presented at the Proceeding of the 3rd International Conference on Applied Science and Technology, Sep. 2018.

[14] M. Ahsan and Y. Li, ‘Graphical Password Authentication using Images Sequence’, Int. Res. J. Enigeering Technol., vol. 04, no. 11, p. 9, Nov. 2017.

[15] Dana Yang, I. Doh, and K. Chae, ‘Enhanced password processing scheme based on visual cryptography and OCR’, in 2017 International Conference on Information Networking (ICOIN), Da Nang, Vietnam, 2017, pp. 254-258. DOI: https://doi.org/10.1109/ICOIN.2017.7899514

[16] B. Togookhuu, W. Li, Y. Sun, and J. Zhang, ‘New Graphical Password Scheme Containing Questions- Background-Pattern and Implementation’, in Computer Graphics and Imaging, IntechOpen, 2019. Accessed: Jul. 05, 2021. [Online]. Available: eative Common. http://creativecommons.org/licenses/by/3.0

[17] N. Tiwari and L. Prasad, ‘A Comparative Study: Reverse Engineering Flowcharting Tools’, vol. 07, no. 01, p. 8, 2015.

[18] V. Vaishnavi, B. Shanthi, and S. S. Rani, ‘SECURE DATA SHARING USING VISUAL CRYPTOGRAPHY’, vol. 12, no. 1, p. 5, 2017.

[19] P. V. Chavan, M. Atique, and L. Malik, ‘Design and Implementation of Hierarchical Visual Cryptography with Expansionless Shares’, Int. J. Netw. Secur. Its Appl., vol. 6, no. 1, pp. 91-102, Jan. 2014. DOI: https://doi.org/10.5121/ijnsa.2014.6108

[20] D. Vaya, S. Khandelwal, and T. Hadpawat, ‘Visual Cryptography: A Review’, Int. J. Comput. Appl., vol. 174, no. 5, pp. 40-43, Sep. 2017. DOI: https://doi.org/10.5120/ijca2017915406

[21] V. Moraskar, S. Jaikalyani, M. Saiyyed, J. Gurnani, and K. Pendke, ‘Cued Click Point Technique for Graphical Password Authentication’, Int. J. Comput. Sci. Mob. Comput., vol. 3, no. 1, pp. 166-172, Jan. 2014.

[22] D. Almog, D. O. V. B. Sohacheski, M. L. Gillenson, R. Poston, and S. Mark, ‘THE UNIT TEST : FACING CICD - ARE THEY ELUSIVE DEFINITIONS ?’, J. Inf. Technol. Manag. Publ. Assoc. Manag., vol. 29, no. 2, pp. 40-54, 2018.

[23] N. Anwar and S. Kar, ‘Review Paper on Various Software Testing Techniques & Strategies’, Glob. J. Comput. Sci. Technol. C Softw. Data Eng., vol. 19, no. 2, 2019.

[24] A. Elsafi, D. N. A. Jawawi, A. Abdelmaboud, and A. Ali, ‘A comparative evaluation of state-of-the-art integration testing techniques of component-based software’, J. Theor. Appl. Inf. Technol., vol. 71, no. 2, pp. 257-267, 2015.


How to Cite

Kenneth, M. O., & Olujuwon, S. M. (2021). Web Application Authentication Using Visual Cryptography and Cued Clicked Point Recall-based Graphical Password. Journal of Computer Science Research, 3(3), 29–41. https://doi.org/10.30564/jcsr.v3i3.3535


Article Type