The textual password vulnerabilities have become quite popular and thus users choose small and easy passwords thus making it easy for the hackers to break through. Textual password is moreover vulnerable to hidden camera, shoulder surfing and spyware attack. As an alternative option graphical password scheme is proposed and it is based on images instead of textual passwords. This kid of passwords is only vulnerable to shoulder surfing. Here, we propose a scalable shoulder surfing resistant textual-graphical password authentication scheme or S3PAS in short.

This scheme includes both text and graphical password system and it is a perfect way of providing protection to shoulder surfing., spyware attack and hidden camera. It can be easily replaced with the the system of textual password without making any kind of changes in the user existing password profile. Through the volatile and dynamic session password it is easily immune to brute force attack. S3PAS shows a bridging gap between the graphical password and textual password.

We proposed a password authentication system that enables security of the user’s password profile. It is immune to spyware attack, hidden camera and shoulder surfing. This scheme seamlessly matches the test based passwords and can also facilitate various lengths of the passwords that requires zero percent effort on the part of the users to transmigrate to S3PAS, their existing passwords.

There are certain drawbacks in this particular scheme and it include a longer process for login, making it time consuming and complicated for the users. Therefore we are planning to develop a new version of this scheme that will include a lower level of security thus making it is for the adoption of the users. This version will be more simple and will be easy from the view point of logging in in comparison to the older version.