Due increase in the usage of cloud based systems there is an increase in the amount of information on the cloud and as a result there is need for confidentiality. Most common method used for authentication is textual password. But these passwords are susceptible to shoulder surfing, dictionary attack, eavesdropping. Generally the passwords tend to follow patterns that are easier for attackers to guess. A literature survey shows that text-based password suffer this security problem. Pictographic passwords are provided as replacement to text based passwords. Pictographic passwords may prone to shoulder surfing. Pictographic passwords may suffer with the usability issue. This paper uses color code authentication which provides two step authentication to the user. Each time user logged in with generated one time password. This scheme is tested with different kinds of security attacks. User has to memorize only the sequence of three colors and three shades selected at the time of registration. This scheme is useful for secure authentication method for data protection on cloud.

cloud; textual password; graphical password; pictographic; authentication; challenge response

[1] Morris, Robert, and Ken Thompson. "Password security: A case history." Communications of the ACM 22.11 (1979): 594-597.
[2] Blonder, G. "United States Patent 5559961." Graphical Passwords (1996).
[3] Man, Shushuang, Dawei Hong, and Manton M. Matthews. "A Shoulder Surfing Resistant Graphical Password Scheme-WIW." Security and Management. 2003.
[4] Wiedenbeck, Susan, et al. "PassPoints: Design and longitudinal evaluation of a graphical password system." International Journal of Human-Computer Studies 63.1 (2005): 102-127.
[5] Thorpe, Julie, and Paul C. van Oorschot. "Graphical Dictionaries and the Memorable Space of Graphical Passwords." USENIX Security Symposium. 2004.
[6] Wiedenbeck, Susan, et al. "Design and evaluation of a shoulder-surfing resistant graphical password scheme." Proceedings of the working conference on Advanced visual interfaces. ACM, 2006.
[7] De Angeli, Antonella , et al. "Is a picture really worth a thousand words? Exploring the feasibility of graphical authentication systems". International Journal of Human-Computer Studies 63.1 (2005): 128-152.
[8] Dhamija, Rachna. "Hash visualization in user authentication." CHI`OOExtended Abstracts on Human Factors in Computing Systems. ACM,(2000).
[9] Dhamija, Rachna, and Adrian Perrigo "Deja Vu-A User Study: Using Images for Authentication." USENIX Security Symposium. Vol. 9.(2000).
[10] Brostoff, Sacha, and M. Angela Sasse. "Are Pass faces more usable than passwords? A feild trial investigation." People and Computers XIVUsability or Else!. Springer London, 2000. 405-424.Sobrado, Leonardo, and Jean-Camille Birget. "Graphical passwords."
[11] The Rutgers Scholar, an electronic Bulletin for undergraduate research 4(2002): 2002.
[12] Balaji, S. "Authentication techniques for engendering session passwords with colors and text." Advances in Computer Science and its Applications 1.3 (2012): 189-195.
[13] Sreelatha, M., et al. "Authentication schemes for session passwords using color and images." International Journal of Network Security & Its Applications 3.3 (2011): 111-119.