In recognition-recallCaRP, the password is created from a sequence of some invariant points ofobjects. An invariant point of an object (letter “A”) is a point that has afixed relative position in different incarnations (fonts) of the object, andwith this, it can be uniquely identified by humans irrespective of how theobject in CaRP images. To enter a password, a user should identify the objectsin CaRP image, and after that use this identified objects as cues which helpsto locate and click the invariant points matching user password. Every passwordpoint has some tolerance range if the click is within the tolerance range, itaccepts as password point. 3 pixels 23 or less is the ideal tolerance range.
TextPoints TextPoint, arecognition- recall CaRP scheme with an alphabet of characters. Fig. 5 showssome invariant points of letter “A”, which provides a strong cue to locate itsinvariant points memorize. If the distance to the closest boundary of the objectexceeds a threshold that point is known as the internal point of an object. ForTextPoints, to form a set of clickable points, a set of internal points ofcharacters is selected. Here there is a chance of overlap between clickablepoint and neighboring character and their tolerance ranges also occluded on theimage generated by the underlying Captcha engine.
In determining clickablepoints to avoid overlap on CaRP images, the distance between any pair ofclickable points in a character must exceed a threshold by this both can beseparated. Consider an example, if the center of a stroke segment in onecharacter is selected, the user cannot select the center of a similar strokesegment in another character. To avoid this, the user must select a differentpoint from the stroke segment. By this user can ensure that a clickable pointis context-dependent: depending on the character that the point lies in thesame type of structured point may or may not be the clickable point. Eventhough the clickable points are known for each character, character recognitionis necessary for locating clickable points on a TextPoints image. Thesethings cannot be achieved by bots. Figure 12: Some invariant points (red crosses) of”A”.
Here password is asequence of clickable points, where a character can contribute multipleclickable points by this TextPoints has a much larger password space thanClickText.· Image Generation: Both ClickTextimages and TextPoints images look same but to ensure any collision or toleranceregion occlude with anotherclickable point’s, locations of clickablepoints are checked. If this fails system generates another image. Failures arerare because the clickable points are all internal points.
· Authentication: While creating apassword, the user asks to select a CaRP image where all clickable points are marked on respectivecharacters. In authentication, first the user identifies chosen characters andclicks the password points on the right characters. The server checks eachuser-clicked point on the image to find the nearest clickable point. Loginfails if their distance exceeds tolerable range. Otherwise, hash value iscalculated based on the recovered sequence of clickable points to verify withthe stored value.While comparing password points between TextPoints and click-basedgraphical passwords (PassPoints). In PassPoints 17 salient points should beavoided because they are mounted to dictionary attacks, but in avoiding salientpoints leads to memorize the password.
But when considering TextPoints thisproblem won’t occur. ClickPoints in TextPoints refers to salient points oftheir characters and helps to memorize a password but bots cannot exploitbecause both are dynamic and contextual:· Dynamic: For every image, the locationsof clickable points and their characters differ from one another. Clickablepoints of one image are independent of clickable points of another image.· Contextual: The similarstructured point does not depend on its context or a clickable point, this isonly with the right context, i.e., at the right location of a right character.
Bots or machines cannotexploit to mount dictionary attacks on TextPoints because both dynamic andcontextual requires correct context, i.e., characters, first. Identifyingcharacters in a Captcha image is a task beyond computer’s capability.Technical measures likelogin passwords, anti-virus are essential.
However, a secure physical space isthe first and more important line of defense. Is the place you keep yourwork environment PC sufficiently secure to anticipate burglary or access to itwhile you are away? While the Security Department gives scope over the Medicalfocus, it just takes seconds to take a PC, especially some compact gadgets likea tablet or a PDA. A PC ought to be secured like some other important ownershipwhen you are absent. Human dangers are not byany means the only concern. PCs can be bargained by natural accidents (e.
g.,water, espresso) or physical injury. Ensure the physical area of your PCassesses those dangers as well.From Figure:13, Registrationprocess starts with the generation of unique ID for a user and on next step, itprompts to select a sound signature with tolerance level, based on tolerancelevel it generates an image. If the user failed to pass captcha test then amore complex captcha will generate, after ‘n’ number of failed attempts itblocks the user. Once the captcha is authenticated correctly then the user cancreate his profile. After creating aprofile, the user can login with same image profile that was used whilecreating the profile.
Based on the mouse clicks or captcha challenge, if thesemouse clicks match with database clicks then the user can log in else it asksthe user to solve the captcha again. With three failed attempts, it blocks userto log in.