A CAPTCHA means "Completely Automated Public Turing test to tell Computers and Humans Apart". It is a type of challenge-response test used in computing to determine whether or not the user is human. CaRP is both a Captcha and a graphical password scheme. CaRP addresses a number of security problems altogether, such as online guessing attacks, relay attacks, and, if combined with dual-view technologies, shoulder-surfing attacks. Particularly, a CaRP password can be found only probabilistically by automatic online guessing attacks, even if the password is in the search set. CaRP also offers an approach to address the well-known image hotspot problem in popular graphical password systems, such as PassPoints, which often leads to weak password choices. Thus, a variant to the login/password scheme, using graphical scheme was introduced. But it also suffered due to shoulder-surfing and screen dump attacks. Thus it introduces a framework to proposed (IPAS) Implicit Password Authentication System, which is protected to the common attacks suffered by other authentication schemes.