Enhancing security of Pass Points system using variable tolerance

Passpoints system is one of the techniques used in Authentication using Graphical Images. In this method users click on images rather than typing a long and complex alphanumeric password with the computer keyboard. Psychological studies have shown that people can remember pictures better than text. During the time of registration a user may choose several areas (click points) on an image. In order to log in the user has to click close to the chosen click points, e.g. within .25 to .50cm from the click point, because users cannot click exactly on the same pixel on which they have clicked at the time of registration. This margin of error around the click point is called Tolerance. Existing Passpoints scheme uses the same tolerance ( 20X20 pixels ) over a number of clicks by the user. But by varying the tolerance (i.e. decrementing the tolerance level) as users click on more points, the information left to an attacker is reduced. Hence, the security of the system is increased. In this paper we described how the level of security is increased.