Review of Defense Mechanisms for Online Password Guessing Attacks

ABSTRACT With the increasing vulnerability of private and confidential information because of illegitimate access , preventing password guessing attacks is a must. Various protocols have been proposed till date for this purpose. ATT based protocols are used to identify automated malicious attempts but they cause a reasonable amount of inconvenience to the user . In these there exists a security usability trade-off with respect to the number of free failed login attempts..This paper presents a brief view of the existing protocols like PS, VS , PGRP and PAPP and also discusses their inadequacy and drawbacks . The PGRP protocol is very stringent for attackers but it is very user friendly for legitimate users. PAPP protocol uses MAC address of each machine login. If MAC address changes then user can identify intrusion.