New Approach to Strengthen the Password

Snehal Gopal Wagh, Apeksha Datta Kame

Abstract


User authentication becomes more and more im-portant to protect the data of the users, with the rapid de-velopment of internet technologies, social networks, and other related areas. For legal users and defence against intruders password authentication is one of the widely used methods to achieve authentication. Many password cracking methods developed during the time, and people have been designing the counter measures against password cracking all the time. Many organizations enforce complicated password-creation rules and require that passwords include numeric and special characters to guard against such attacks. It has been already demonstrated that as long as passwords are not difficult to remember, they remain vulnerable to smart dictionary attacks. Using tools such as dictionaries or probabilistic models, attackers and password recovery tools reduces the number of attempts that are needed to guess a password. To move with this strategy we are presenting a password scheme that achieves this goal. The proposed system is based on intermixing between a fixed text (conventional part of a password) and a free random text (newly added) at different pre-defined indices having different per-defined lengths. The extension of the random text adds an additional level of difficulty in breaching the password. We also added three more techniques to strengthen the proposed password cheme. We are also using CAPTCHA, keystroke pattern and security que tions along with salt segment. We are trying to have more ecure y tem combining this four techniques.


Full Text:

PDF

References


Chowdhury E. M. W. R., Rahman M. S. & Islam A. B. M. A. A.,“Salty Secret: Let us secretly salt the secret”, International Conference on Networking, Systems and Security (NSysS) , 2017

Reeder R., & Schechter S. “When the Password Doesnt Work:Secondary Authentication for Websites” 2011.

Zhao P., Bian K., Zhao T., Song X., Jerry Park J.M., Li, X., Yan, W. “Understanding Smartphone Sensor and App Data for Enhancing the Security of Secret Questions” IEEE Transactions on Mobile Computing, 2017.

Krishnamoorthy S., Rueda L., Saad S. & Elmiligi H.“Identification of User Behavioral Biometrics for Authentication Using Keystroke Dynamics and Machine Learning”. Proceedings of the 2018 2nd International Conference on Biometric Engineering and Applications - ICBEA 18.

Yohan Muliono, Hanry Ham, Dion Darmawan,“Keystroke Dynamic Clas-sification using Machine Learning for Password Authorization”,3rd Inter-national Conference on Computer Science and Computational Intelligence 2018, ICCSCI 2018, 07-08 September 2018, Jakarta, Indonesia.

Dailey M. & Namprempre C. (n.d.),“A text-graphic character Captcha

forpassword identification”. 2004 IEEE Region 10 Conference ENCON 2004.




 

Copyright © IJETT, International Journal on Emerging Trends in Technology