Boosting Authentication Security by Building Strong Password and Individualizing Easy to Remember Techniques

Password Security Mechanisms: Comparitive Study

Proceedings of the Second International Conference on Research in Intelligent and Computing in Engineering

Nowadays online communication is increasing rapidly, and the password is provided as a key for communication; hence there is a strong need to authenticate online communication. But currently security breaches occur by stealing the password files through various kinds of cyber attacks. Different technologies are available to safeguard passwords. The purpose of this paper is to evaluate various techniques for protection of passwords like graphical password, text password enhanced by Honeyword, Jumbling and salting approach.

A Critical appraisal on Password based Authentication

International Journal of Computer Network and Information Security

There is no doubt that, even after the development of many other authentication schemes, passwords remain one of the most popular means of authentication. A review in the field of password based authentication is addressed, by introducing and analyzing different schemes of authentication, respective advantages and disadvantages, and probable causes of the 'very disconnect' between user and password mechanisms. The evolution of passwords and how they have become deep-rooted in our lives is remarkable. This paper addresses the gap between the user and industry perspectives of password authentication, the state of the art of password authentication and how the most investigated topic in password authentication changed over time. The author tries to distinguish password based authentication into two levels, 'User Centric Design Level' and 'Machine Centric Protocol Level', under one framework. The paper concludes with a special section covering the ways in which password based authentication systems can be strengthened on the issues which are currently holding-in the password based authentication.

Security and usability in password authentication

2017

This thesis investigates the human-factor problems in password authentication and proposes some usable solutions to these problems by focusing on both forms of knowledge based authentication: textual passwords and graphical passwords. It includes a range of empirical studies to examine users' password-related behaviour and practices in authentication, and helps users to adopt secure password behaviour. This thesis consists of two parts. The first part focuses on traditional text-based passwords. Design flaws and usability issues of existing text-password mechanisms used by many organisations cause employees to adopt insecure password practices. The first work in this thesis investigates the reasons for employees' lack of motivation regarding password protection against security failures. An empirical study is conducted to identify the factors causing employees’ insecure behaviours in organisations, and several persuasion strategies are tested to persuade employees to use pas...

Password-based Authentication in Computer Security: Why is it still there?

The SIJ Transactions on Computer Science Engineering & its Applications (CSEA), 2017

Amongst today's methods of authentication, the old-fashioned technique which requires a username and password remains the prevailing measure of securing computers, email accounts, or online transactions. Besides the threats people are often exposed to if they don't change their passwords regularly, there is always a risk that passwords wipe out from human memory over a longer period of time. This research is exploring the flaws of the dominating username-password security measure, and focusing on the alternative authentication and authorization techniques. Furthermore, the classification of password usage is given and suitable authentication methods are suggested.

A Study of Various Passwords Authentication Techniques

2015

Information and computer security is supported by passwords. The password is the principal part of the authentication process. The traditional authentication method is to use a text-based password, which is also called an alphanumeric password. But it has significant drawbacks. So, to overcome the vulnerabilities of this traditional password scheme, a graphical password scheme is developed. But a major drawback of the graphical scheme is that it is vulnerable to shoulder surfing attacks and also sometimes to spyware attacks. So, as an alternative technique to the graphical password, a Captcha technique is developed. The major advantage of Captcha is that it cannot be identified by bots. Captcha gives protection from unwanted bots. There are also some limitations of Captcha, and to overcome those, after Captcha, a new technique is developed for more robust security, which is CaRP (Captcha as gRaphical Passwords). This paper will explore all the password techniques for security. General Terms Information Security, Password Tec...

Privacy Preserving Against Untrusted Browser Origins and Personalized Powerful Password Management

Recent research reveals the necessity of terminating the incorrect notion that the password is dead, confirms that this belief has been hurtful, and suggests a campaign to emphasize developing password (PW) use. Because of usability, PW security is still the most used method in information security (IS); it is also considered the most challenging for researchers and needs more improvement. In fact, authentication on the web is dominated by PWs, mandating that users select solid PWs. In this study, I indicated the use, growth, and continuation of PWs, and the necessity of efficient PW management, especially with web browser based applications. Therefore, I analyzed some of the common PW managers. PW managers can easily manage a bunch of unique, strong, and secure PWs, which link users to the various websites. On the other hand, I collected present-day data about practicing PW security. The data were analyzed and showed the necessity of improving and utilizing PWs. As well, I proposed categorizing PW users; this categorization helps IS developers to be more realistic when they design applications and security policies, and also directs users to select appropriate strategies and techniques.

Survey on Awareness and Security Issues in Password Management Strategies

2010

Communication via the Internet travels across unsecured channels. This gives rise to security breaches. So user identification and authentication are needed to overcome these security breaches. Password-based systems remain the predominant method of user authentication despite the many sophisticated and viable security alternatives that have emerged. However, this survey shows that passwords are often compromised through the poor security and management practices of users. This paper also concentrates on user password composition and security practices for email accounts. The results of a survey that examines user practice in creating and using passwords are reported. Toward the end of this paper, we give some recommendations for the education of users in creating and maintaining their passwords.

A Study for an Ideal Password Management System

International Journal for Research in Applied Science & Engineering Technology (IJRASET), 2022

The growing number of online services needs users to have control over their password management system (generation, storage, recall). But the demand for total randomness and exclusivity of passwords is impractical in day-to-day life. Each component of a password management system comes with its cognitive burden on a user. There are many password management solutions available for users but every one of them has some drawbacks. Password managers have the ability to help users manage their passwords more successfully while also addressing many of the problems about password-based authentication. In this study, we're analyzing various previous studies regarding the effectiveness, usability, and security of password managers of all categories. Also, we're trying to come up with an ideal set of parameters to build the best possible password management system in 2022. This study will help to understand the key parameters and algorithms that we can use while building the ideal password generation, storage, and recall system for the user.

Choosing passwords: security and human factors

IEEE 2002 International Symposium on Technology and Society (ISTAS'02). Social Implications of Information and Communication Technology. Proceedings (Cat. No.02CH37293)

Password security is essential to the security of information systems. It is often recommended that passwords not be short, not be words found in a dictionary, and that they should be changed frequently. When a user has access to many accounts or systems, different passwords should be used so that no single incident will lead to the compromise of all of these accounts. Unfortunately, human fallibility makes it nearly impossible to follow all of these rules simultaneously. A user with many different passwords, frequently changing, will be forced to write them down somewhere. Some systems constrain them to have a certain minimum length, or to require them to contain a combination of letters and numbers. Some systems also impose maximum lengths, and some prohibit special characters. The lack of common standards for passwords makes it difficult for a user to remember which password is used for which system. To make matters worse, systems frequently revoke a user's access after a password has been incorrectly entered as few as three times. What is needed, then, is an analysis of passwords that takes both human factors and security into account. We must recognize that what really matters is the security of the total system, offline as well as online. This paper explores the tradeoffs that need to be made to achieve maximum security in everyday use by forgetful users.