Paper Title
Providing Security With Captcha As Graphical Passwords

There are many security primitives that are based on hard mathematical problems. Using hard AI problems for security is emerging as an exciting new paradigm, but this solution has been under-explored. In this paper, we present a new security primitive based on hard AI problems which is a novel family of graphical password systems built on top of Captcha technology. This technology we call as Captcha as graphical passwords (CaRP). CaRP is both a Captcha and a graphical password scheme. The graphical-password approach is sometimes called as graphical user authentication(GUA). CaRP addresses a number of security problems altogether, such as online guessing attacks, relay attacks. If CaRP is combined with dual-view technologies, shoulder-surfing attacks are addressed. Notably, even if the CaRP password is in the search set it can be found only probabilistically by automatic online guessing attacks. CaRP also offers a novel approach to address the well-known image hotspot problem in popular graphical password systems, such as PassPoints, that often leads to weak password choices. CaRP is not a panacea, but it offers reasonable security and usability and appears to fit well with some practical applications for improving online security. Keywords— Graphical Password, Password, Hotspots, Carp, Captcha, Dictionary Attack, Password Guessing Attack, Security Primitive.