Abstract
|
In this paper we present a innovative solution to the old problem of password security at application layer or input level. In our solution, each of the various lower case & upper case characters, special characters, digits from which a password could be comprised is encoded with a random single digit integer number and presented to the user through an Login input interface module. A valid user entered his password in the form of the sequence of code or numeric value from the login input interface module that describe his password code in place of his actual password characters. This approach does not require the input code to be hidden from anyone (shoulder surfing) or converted to placeholder characters for security reasons. Our solution engine every time regenerates new numeric value when user enters password for each character each time the carriage return key is struck so our approach is key logger attack protected, producing a toughened password that is convincingly more secure than an old and widely used password scheme is conventional password scheme. In which the system first authenticates the username and password at the login time from the user database and on the basis of authentication of the user, allows the user to access the system. However, such scheme is vulnerable to attacks like Shoulder Surfing, Key loggers, Phishing Attacks and Login Spoofing against both online and offline attackers. our approach is feasible in practice, ease of use, better security and performance
|