Abstract: Textual passwords are the most common method used for authentication. But textual passwords are vulnerable to eves dropping, dictionary attacks, social engineering and shoulder surfing. Graphical passwords are introduced as alternative techniques to textual passwords. Most of the graphical schemes are vulnerable to shoulder surfing. To address this problem, text can be combined with colors to generate session passwords for authentication. Session passwords can be used only once and every time a new password is generated. In this paper, we proposed to generate session passwords using text and colors which are resistant to shoulder surfing. These methods are suitable for Personal Digital Assistants.

Keywords: Authentication, cryptographic hash function, graphical password schemes, session passwords.