Survey a secured privacy authentication with recovery
Languages of publication
Every person has his own data and needs it to be secure, so authentication and acceptance were found to be essential. Most web based applications are based on password level authentication only. Since passwords are easily prone to be attacked, a better authentication is needed. The biometrics and the biometric way of authentication came to existence but this also suffered from the drawback of excess hardware and complex mechanisms. This paper presents a simple and efficient user authentication approach based on OTP with four digit pin number. When the user logins into the system, the login password is matches with database and if they match, the user is identified as a legitimate user. Further, an OTP is generated and sent to the user. The user enter the OTP along with four digit pin. If this combined OTP and four digit pin is matched with database, user is authenticated. Otherwise user is not allowed to access. This achieves better authentication and efficiency. If user forget their password, recovery phase is available. In this phase user have to answer the query which is based on the image that is displayed by server. If the answer is matches, then password reset link will send to user’s mail id. This recovery method is not vulnerable to password resetting attack. This paper provides different types of password, types of authentication and types of attack.
- Department of CSE, Anna University Regional Centre, Tamil Nadu, India, firstname.lastname@example.org
- PG Scholar, Department of CSE, Anna University Regional Centre, Tamil Nadu, India, email@example.com
- PG Scholar, Department of CSE, Anna University Regional Centre, Tamil Nadu, India, firstname.lastname@example.org
-  Janardan Choubey, Bhaskar Choubey “Secure User Authentication in Internet Banking: A Qualitative Survey”, International Journal of Innovation, Management and Technology, Vol. 4, No. 2, April 2013.
-  Mudassar Raza, Muhammad Iqbal, Muhammad Sharif and Waqas Haider, “A Survey of Password Attacks and Comparative Analysis on Methods for Secure Authentication”, World Applied Sciences Journal 19 (4): 439-444, 2012.
-  Ari Juels, “RFID Security and Privacy: A Research Survey”, IEEE Journal on Selected Areas in Communications, Volume 24, No. 2, Feb 2006.
-  Priti Jadhao, Lalit Dole, “Survey on Authentication Password Techniques”, International Journal of Soft Computing and Engineering (IJSCE), Volume 3, Issue 2, May 2013.
-  Prajitha M V, “A Survey on User Authentication Protocols”, International Journal of Computer Science Engineering, Volume 3, Issue 1, Jan 2015.
-  Bin Hu, Qi Xie, Yang Li, Automatic verification of password based authentication protocols using smart card (2011).
-  G. E. Blonder, “Graphical passwords”, United States Patent 5559961, 1996.
-  A. Hiltgen, T. Kramp, and T. Weigold, “Secure internet banking authentication,” IEEE Security and Privacy, Vol. 4, No. 2, pp. 21-29, 2006.
-  Anand Sharma and Vishal Ojha, 2010. Password based authentication: Philosophical Survey. IEEE.
-  Ahmed, A.A.E. and I. Traore, 2005. Anomaly Intrusion Detection Based on Biometrics, Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, IAW '05.
-  B. Pinkas and T. Sander, “Securing passwords against dictionary at- tacks,” in CCS ’02: Proc. 9th ACM Conf. Computer Communications Security, New York, ACM, 2002, pp. 161-170.
-  I. Jermyn, A. Mayer, F. Monrose, M. K. Reiter, and A. D. Rubin, “The design and analysis of graphical passwords,” in SSYM’99: Proc. 8th Conf. USENIX Security Symp., Berkeley, CA, USENIX Association, 1999, pp. 1.
-  B. Parno, C. Kuo, and A. Perrig, “Phoolproof phishing prevention,” Financial Cryptography Data Security, 2006, pp. 1-19.
-  D. Florencio and C. Herley, “A large-scale study of web password habits,” in WWW ’07: Proc. 16th Int. Conf. World Wide Web., New York, ACM, 2007, pp. 657-666.
-  S. Chiasson, A. Forget, E. Stobert, P. C. van Oorschot, and R. Biddle, “Multiple password interference in text passwords and click-based graphical passwords,” in CCS ’09: Proc. 16th ACM Conf. Computer Communications Security, New York, 2009, pp. 500-511.
-  Muhammad Sharif, Tariq Faiz and Mudassar Raza, 2008. Time Signatures - An Implementation of Keystroke and Click Patterns for Practical and Secure.
-  Hirotaka Tazawa and Takashi Katoh, 2010. A user authentication scheme using Multiple Passphrases and its arrangements. ISITA Taiwan.
-  Dalia Abdul Hadi Abdul Ameer and Ahmed Abdulhakim Al-Absi, 2010. Anywhere On-Keyboard Password Technique. IEEE Student conference on Research and development 2010 Putrajaya Malaysia.
-  Manabo Hirano and Tomohiro Umeda, 2009. T-PIM: Trusted password Input method against data stealing Malware IEEE 6 International Conference on IT.
-  http://passcodes.org/security/password-attack-methods-and-prevention/
-  http://computernetworkingnotes.com/network-security-acess-lists-standards-and extended/types-of-attack.html
-  http://searchsecurity.techtarget.com/definition/digital-signature
-  http://searchnetworking.techtarget.com/definition/Novell-Directory-Services
-  http://searchsecurity.techtarget.com/definition/biometric-authentication
Publication order reference