Authentication is an essential mechanism

in information security. A graphical password (GP) is a password that employs graphics

rather than text to gain access to computers. GP is still not

widely used in the actual world because users are frustrated by

the numerous Login phases and the selection of various

determined images from prior techniques, therefore they have

returned to textual passwords. The vast majority of research

has failed to discover a means to increase overall security,

usability, memorability, and login time. In this paper, a novel

Choice-Based Graphical Password (CGP) Scheme for Web

Applications is proposed. The scheme is a two-level multifactor

authentication: textual and recognition. During registration,

the user first registered his or her data, and then the system

assigned him/her a random and unique number. The second,

user chose an image from CGP's dataset or from his or her

device. CGP then resized and blurred the user-selected image

before encrypting and storing it in the CGP database. The

attacker claimed that the image was one element, but it was a

combination of five factors (user name, user number, and

his/her registered image with the same name, size, and

resolution), making it difficult to guess and resistant to several

attacks using (CAPEC). The proposed CGP scheme's

performance evaluation enhanced a 36% increase in password

space, a 33% increase in possible password numbers, and a

36% increase in entropy when compared to prior methods.

CGP approach met the challenge of the password being

secure, trustworthy, memorable, user-friendly, and timesaving