A Survey on the Limitations of Graphical

Chris Davies and Ravi Ganesan [11] reviews about the weakly chosen passwords continue to be a major source of security problems and it is vulnerable to dictionary attacks. In this method BApasswd a new proactive password checker is projected and this component is used for password varying program that attempts to validate the eminence of a password chosen by the user, before the selection is finalized. When the user had given a password, this system will use statistical test to determine it with a high degree of confidence, whether the password could have been generated by the Markov Process, and if so, it rejects the password and hence it effectively filters out the bad passwords and show a warning message to choose the new password to the valid users.

Limitation:

The pronounceable passwords occupy more space, if the special character extends to English words plus then it is possible to guess the passwords and it is susceptible to brute force attack.

J. Yan et.al [12] reviews that the users have some complexity in remembering the random passwords. In this approach mnemonic passwords are introduced, it is simple for the user to remember and makes the invader harder to guess the password. Through this approach they are suggesting the users to choose mnemonic passwords and make the invader to work for three times harder compare to other password method. Users are instructed to choose the mnemonic based passwords as these are very easily memorable as chosen passwords being hard to guess as arbitrarily chosen ones. Users have to choose passwords that contain numbers and special characters, as well as letters.

Limitation:

The compliance is the most critical problem in this technique and the users are at risk, it may expect to ch...

... middle of paper ...

...h function to a combination of the plaintext password entered by the user. Data associated with the website and a private salt stored on the client machine. Stealing the password received at one site will not give up the password that is useful at other site. They described the challenges they faced in implementing PwdHash and some techniques that may be useful to facing the comparable security issues in the browser environment. PwdHash are to strengthen password authentication using browser extension such that, they introduce little or no change to the experience and require no server side changes.

Limitations:

Various challenges in implementing password hash functions include JavaScript attack, salting, encoding, auto-complete, password reset, roaming, dictionary attacks. On the browser side implementation PwdHash is susceptible to focus stealing and DNS attack.