IoT has shown pervasiveness and prevalence everyday. The IoT nodes continuously generate and transmits data in the network, therefore authentication is needed in order to deliver actual data. A convenient and reliable way of authenticating these nodes is paramount. This work proposes a convenient way for the nodes to authenticate each other without the user being involved, and where the user gets involved, he performs his authentication conveniently. The authentication of the nodes goes through three phases. In the first phase of authentication nodes are authenticated by specially generating a signature which constitutes the specs of the node. The second phase authenticates by calculating the geographical location of the node and third phase prompts the user to enter his password from a bitmap. The password is difficult to crack as it comes in two bitmaps and randomly shuffles its characters each time it prompts. The first phase is sufficient to authenticate the nodes, but if it fails it can go the second phase. The user can get involved only if the two phases failed then he can provide his credential to authenticate the node. The system is resistant to side channel, rank, brute force, MITM, MAC spoofing, DoS, and DoS attacks. © 2023 IEEE.