Abstract
Most remote systems require user authentication to access resources. Text-based passwords are still widely used as a standard method of user authen-tication. Although conventional text-based passwords are rather hard to remem-ber, users often write their passwords down in order to compromise security. One of the most complex challenges users may face is posting sensitive data on external data centers that are accessible to others and do not be controlled directly by users. Graphical user authentication methods have recently been pro-posed to verify the user identity. However, the fundamental limitation of a graphi-cal password is that it must have a colorful and rich image to provide an adequate password space to maintain security, and when the user clicks and inputs a pass-word between two possible grids, the fault tolerance is adjusted to avoid this situa-tion. This paper proposes an enhanced graphical authentication scheme, which comprises benefits over both recognition and recall-based graphical techniques besides image steganography. The combination of graphical authentication and steganography technologies reduces the amount of sensitive data shared between users and service providers and improves the security of user accounts. To eval-uate the effectiveness of the proposed scheme, peak signal-to-noise ratio and mean squared error parameters have been used.