DEFENSE AGAINST LARGE SCALE ONLINE PASSWORD GUESSING ATTACKS USING PERSUASIVE CLICK POINTS

Abstract: In today's digital age, ensuring robust security for online banking applications is paramount. Traditional authentication methods, while useful, often fall short in the face of sophisticated cyber threats. This project introduces an innovative image CAPTCHA authentication system designed to enhance security through an additional layer of protection. During the registration phase, users create their accounts by providing an email and password. They then select a series of images and click on specific locations within each image to set personalized key points. These key points are securely stored alongside the user's credentials. For login, users must not only enter their email and password but also replicate the image selection and key point clicks. The system extracts these key points during login and compares them with the stored values to verify the user's identity. This dual-authentication process significantly bolsters security by making unauthorized access considerably more difficult. Implementing this system involves using OpenCV for capturing and processing user clicks, alongside a secure backend to handle data storage and comparison. Key aspects such as data encryption, secure communication via HTTPS, and session management through authentication tokens are integral to maintaining the system's integrity. This approach leverages the familiarity and ease of use of graphical passwords, offering a user-friendly yet highly secure authentication method, thereby enhancing the overall security framework of online banking applications.

Keywords: Authentication, data encryption, secure communication, security.