Secure Password Sharing and Storage using Encryption and Key-Exchange (original) (raw)

Survey on Awareness and Security Issues in Password Management Strategies

2010

communication via Internet travels across unsecured channels. This gives raise to security breaches. So user identification and authentication is needed to overcome these security breaches. Password-based systems remain the predominant method of user authentication despite the many sophisticated and viable security alternatives that have emerged. However, this survey shows that passwords are often compromised through the poor security and management practices of users. This paper also concentrates on user password composition and security practices for email accounts. The results of a survey that examines user practice in creating and using passwords are reported. Toward the end of this paper, we give some recommendation for the education of user in creating and maintaining their passwords.

A Study for an Ideal Password Management System

International Journal for Research in Applied Science & Engineering Technology (IJRASET), 2022

The growing number of online services needs users to have control over their password management system (generation, storage, recall). But the demand for total randomness and exclusivity of passwords is impractical in day-today life. Each component of a password management system comes with its cognitive burden on a user. There are many password management solutions available for users but every one of them has some drawbacks. Password managers have the ability to help users manage their passwords more successfully while also addressing many of the problems about password-based authentication. In this study, We're analyzing various previous studies regarding the effectiveness, usability, and security of password managers of all categories. Also, we're trying to come up with an ideal set of parameters to build the best possible password management system in 2022. This study will help to understand the key parameters and algorithms that we can use while building the ideal password generation, storage, and recall system for the user. I.

Challenges and Opportunities in Password Management: A Review of Current Solutions

Sri Lanka Journal of Social Sciences and Humanities

For over six decades, passwords have served as the primary authentication mechanism for almost all modern computer systems. However, password management is a challenging task for most computer users, and that has led users to many malpractices that open the door for most information security breaches over time. Despite many efforts, no alternative solution has ever succeeded in replacing passwords as the primary authentication mechanism. As a result, users are now heavily relying on password managers to alleviate the burden of manual password management. This paper addresses the topic of password management about different types of password managers and their inherent limitations. By evaluating the existing password management approaches and identifying potential improvements, this paper aims to signify an important research gap that exists in the study area; the need for fully automating the process of manual password management.

A Novel Password Protected Key Exchange Protocol

— Exchanging messages are more common thing lately. More number of people connects with each other in the network and (verifies someone's identity) each other while sharing their data. So users following so many rules of conduct for providing security to their data and the servers which they are storing their data. Due to all data storing in the single server, there is a chance to hack server data to be told (to people). This paper presents a solution to this problem such as (verifying someone's identity) process has to share by two servers. Client has to (verify someone's identity) in two servers like two step checking (for truth). It also includes (related to secret computer codes) ways of doing things to provide security for the data stored in the servers.

Password Management: Empirical Results from a RSA and USA Study

The state of information security as a whole is a disaster, a train wreck". This view is given by describing the state of information security towards the end of the first decade of the 21 st century. Amongst solutions offered, the view that security programs have to be holistic is proposed indicating that technical controls are of little value without the workforce understanding the risks of their irresponsible behavior. Another solution proposed by them is the role of awareness and education. All levels of users should be targeted letting them understand their role and responsibility in information security. Password related behavior is often highlighted as a key component of information security awareness. However, studies have shown that password hygiene is generally poor amongst users .

An enhanced web security for cloud-based password management

Password is a security mechanism for securing application and its contents by preventing unauthorized users' access, using secure means. Breaches of access by unauthorized users have, however, become a subject of concern to many web developers and application owners. Cloudbased password management system represents the storage and access of web passwords through the "Cloud." The study examines and analyzes the current password management status of web application (Adekunle Ajasin University, Akungba-Akoko) with a view to detect the flaws/ insecurity in the site. This paper uncovers the vulnerabilities of existing web application and analyzes how they can be exploited by attackers to crack users' saved passwords. The study proposes a novel cloud-based password management design to achieve a high level of security with the desired confidentiality, integrity, and availability properties. The study, which employed cryptographic hash function (Secure Hash Algorithm-256) and Diffie-Hellman key exchange algorithm, was designed using penetration testing technique and implemented a highly secure cryptography (i.e., a zero-knowledge protocol) for making the site more tightly secured, thereby ensuring a secure channel through the data flows.

Multi-agent integrated password management (MIPM) application secured with encryption

2017

Users use weak passwords and reuse them on different websites and applications. Password managers are a solution to store login information for websites and help users log in automatically. This project developed a system that acts as an agent managing passwords. Multi-Agent Integrated Password Management (MIPM) is an application using encryption that provides users with secure storage of their login account information such as their username, emails and passwords. This project was developed on an Android platform with an encryption agent using Java Agent Development Environment (JADE). The purpose of the embedded agents is to act as a third-party software to ease the encryption process, and in the future, the developed encryption agents can form part of the security system. This application can be used by the computer and mobile users. Currently, users log into many applications causing them to use unique passwords to prevent password leaking. The crypto agent handles the encryption process using an Advanced Encryption Standard (AES) 128bit encryption algorithm. As a whole, MIPM is developed on the Android application to provide a secure platform to store passwords and has high potential to be commercialised for public use.

A New Advanced User Authentication and Confidentiality Security Service

International Journal of Computer Applications

Network & internet security is the burning question of today’s world and they are deeply related to each other for secure successful data transmission. Network security approach is totally based on the concept of network security services. In this paper, a new system of network security service is implemented which is more secure than conventional network security services. This technique is mainly deals with two essential network security services, one is user authentication and other is data confidentiality. For user authentication this paper introduces ‘Graphical Username’ & ‘Voice Password’ approaches which provides better security than conventional ‘username ‘& ‘password’ authentication process. In data confidentiality section this paper introduces two layer private key for both message encryption & decryption which is mainly applicable on 8 bit plain text data. This paper also provides the hints of introducing other two network security services (integrity and non-repudiation)...

Literature Survey Paper on Password Manager

International Journal of All Research Education & Scientific Methods

Cyber Security has become one of the biggest developing fields in software engineering and the innovation business. Defective security has cost the worldwide economy colossal misfortunes. Whenever enormous security breaks occur, thousands to millions of passwords can be uncovered and put away into records, significance individuals are powerless to assaults. By and large, we utilize a great deal of passwords for our various records and recollecting every one of them is truly hard. A secret key is a series of characters which is utilized to really take a look at the genuineness of a client. These days, with the development of number of utilization each client utilizes, it turns out to be for all intents and purposes difficult to recall such countless complex passwords and reusing passwords on various applications isn't secure. This is where a secret phrase director comes into the image. A secret phrase chief is a completely safe vault where the client will actually want to save al...