Mobile Based User Authentication for Guaranteed Password Security Using key?
Journal: International Journal of Computer Science and Mobile Computing - IJCSMC (Vol.2, No. 10)Publication Date: 2013-10-30
Authors : B.Sivakumar S.Venkatesan Y.Kalifulla D.Anandan;
Page : 48-56
Keywords : Network security; password reuse attack; password stealing attack; user authentication;
Abstract
Text password is the most popular form of user authentication on websites due to its convenience and simplicity. However, users’ passwords are prone to be stolen and compromised under different threats and vulnerabilities. Firstly, users often select weak passwords and reuse the same passwords across different websites. Routinely reusing passwords causes a domino effect; when an adversary compromises one password, she will exploit it to gain access to more websites. Second, typing passwords into untrusted computers suffers password thief threat. An adversary can launch several password stealing attacks to snatch passwords, such as phishing, key loggers and malware. In this paper, we design a user authentication protocol named oPass which leverages a user’s cellphone and short message service to thwart password stealing and password reuse attacks. oPass only requires each participating website possesses a unique phone number, and involves a telecommunication service provider in registration and recovery phases. Through oPass, users only need to remember a long-term password for login on all websites. After Evaluating the oPass prototype, we believe oPass is efficient and affordable compared with the conventional web authentication mechanisms.
Other Latest Articles
- Simultaneous Estimation of Nebivolol and Amlodipine by UV Spectrophotometric Method
- Key Parameters for the Development of Long Term Delivery of Antipsychotic Drug
- Development of RP-HPLC Method for Estimation of Dithranol in Hydrogel based Lipid Nanoparticle Formulation
- Analysis of Shear Walls under Compression and Bending
- Computational Analysis of Part of Speech Tagging
Last modified: 2013-10-21 17:56:35