Active authentication using facial attributes

Passwords are no longer a reliable form of authentication. They have been the default authentication method for multiuser computer systems since the 1960s, when MIT’s Compatible Time Sharing System [1] was born. They are easy to crack if they are simple and short, and otherwise, they are difficult for a user to remember. Once a malicious user somehow acquires a password, he/she has full control over the system. In order to avoid a password leak, one needs to update their password regularly, which adds to the frustration of maintaining the password. These are just a few drawbacks of using password-based authentication methods. Studies have shown that one out of five mobile device users choose a simple, easily guessed password like “12345,”“abc1234” or even “password” to protect their data [1]. As a result, hackers could easily break into many accounts just by trying the most commonly used passwords. In the case when secret patterns are used for gaining initial access on the mobile devices, users tend to use the same pattern over and over again. As a result, they leave oily residues or smudges on the screen of the mobile device. It has been shown that with special lighting and high-resolution photo, one can easily deduce the secret pattern [2].To overcome the shortcomings of a password-authenticated system, researchers have focused on an alternative authentication approach, namely “Biometric identification”[3]. This approach includes the use of fingerprints [4], retinal scans [5], voice [6], facial image [7], etc. to validate users. Biometrics is more secure as they are unique for each user and very difficult to replicate. However, there are …