Skip to Main Content
The main weakness of passwords is that it is vulnerable to dictionary attacks implemented by automated programs. As the EKE protocol could resist the offline dictionary attack and the CAPTCHA could avoid automatic on-line dictionary attack implemented by the attacker, in this paper, based on the two protocols, we proposed the hybrid password authentication protocols. Our new password authentication schemes combined the advantages of the EKE protocol and the CAPTCHA, which can resist the dictionary attacks implemented by the automatic programs perfectly. Finally, we gave the realization of the password authentication protocol, in which the reverse Turing test is realized by the common graphical verification code.