The increase in the usage of computer systems has given rise to many security concerns.
One of the major security concern is authentication, which is the process of validating who you are to whom you claimed to be.
Current authentication systems suffer from various weaknesses. People usually use textual passwords; however they do not follow their requirements.The issue is that users intend to use meaningful words from the dictionary, which eventually are easier to break and vulnerable to attack.
A major drawback of the textual password is its conflicting requirements-
the selection of a password that is easy to remember(for the user), and at the same time, hard to guess(to prevent unauthorized access to private data).
As a solution, many biometric authentications have been proposed. These include:
1. Retinal scans 2. Fingerscanning 3. Iris recognition 4. Facial recognition 5. Finger vein ID
However, users usually tend to resist biometrics because:
- because of their effect on privacy and their intrusiveness.
- moreover, biometrics cannot be revoked.
3D password is a multi factor authentication scheme, that is, it is a security approach that requires the user to provide more than 1 identity factor before accessing their data.
Some factors include:
- what a user KNOWS: that is their password.
- what a user HAS: that is a smart card/hard token.
- what a user IS: that is a retinal scan/ finger print.
To be authenticated into a secure system, we present a 3-D virtual environment where the user navigates and interacts with various objects. The sequence of actions and interactions towards the objects inside the environment.Then the user’s password is constructed. The password can combine most existing authentication schemes, i.e., graphical and textual passwords and various biometrics into a virtual 3D environment.
The design of the 3D virtual environment and the type of objects selected determine the 3D password key space.
- easy to remember and is highly secure.
- easy to customise.
- difficult to share.
- 3D graphical password has no limit.
- difficult to use for the blind people.
- is costly.
- requires complex computer technology.
Attention reader! Don’t stop learning now. Get hold of all the important CS Theory concepts for SDE interviews with the CS Theory Course at a student-friendly price and become industry ready.
- hmac - Keyed-Hashing for Message Authentication
- Message Authentication Codes
- How message authentication code works?
- Challenge Handshake Authentication Protocol (CHAP)
- Computer Network | AAA (Authentication, Authorization and Accounting)
- AAA (Authentication, Authorization and Accounting) configuration (locally)
- Password Authentication Protocol (PAP)
- Challenge Response Authentication Mechanism (CRAM)
- Difference between Authentication and Authorization
- PGP - Authentication and Confidentiality
- Types of Two-factor Authentication
- What is AAA (Authentication, Authorization, and Accounting)?
- What is HMAC(Hash based Message Authentication Code)?
- Internet Protocol Authentication Header
- Authentication in Computer Network
- SAML Authentication
If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to email@example.com. See your article appearing on the GeeksforGeeks main page and help other Geeks.
Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.