Abstract: Textual passwords are the most common method used for authentication. But textual passwords are vulnerable to eves dropping, dictionary attacks, social engineering and shoulder surfing. Graphical passwords are introduced as alternative techniques to textual passwords. Most of the graphical schemes are vulnerable to shoulder surfing. To address this problem, text can be combined with images or colors to generate session passwords for authentication. Session passwords can be used only once and every time a new password is generated. In this paper, a technique is proposed to generate session passwords using colors which are resistant to shoulder surfing. This method is suitable for Personal Digital Assistants.

Keywords: Authentication, session passwords, shoulder surfing.