Secure Image Based One Time Password

Most people now access all the important areas of their life?banking, shopping, insurance, medical records, and so on'simply by sitting at their computer and typing a username and password into a website. Getting access to something this way is called one-factor authentication, because you need to know only one thing to get into the system the combination of user name and password. In theory, this kind of protection should be reasonably secure, in practice, it's less and less trustworthy. This paper presents an approach to further increase security using a two-factor authentication scheme. This approach required the user to login with a username and password and also generate a One Time Password which will be sent to his email. The One Time Password will be used for authentication any time the user wishes to access a restricted resource. The one time password as the name implies will expire after a single use and after a period of 60 seconds. The system uses random image and text based OTP generation with SHA-512 algorithm and again encryption by using ECC to develop a more secured two factor, one time password. Java Enterprise Edition (JEE) technology was used.