An Enhanced Password-Username Authentication System Using Cryptographic Hashing and Recognition Based Graphical Password

Journal Title: IOSR Journals (IOSR Journal of Computer Engineering) - Year 2016, Vol 18, Issue 4

Abstract

Password-username authentication is a critical component of today's web application technology that is commonly used to control access to restricted resources. However, poor design, coding flaws and weak user login credentials expose this functionality to Sequel Query Language Injection (SQLI) and online password guessing attacks. Current techniques advanced by researchers to address authentication attacks only focus on one of them, thus failing to envisage a scenario where the login form can be used to launch both SQLI and online password guessing attacks. To address this challenge, this paper presents an authentication solution that addresses the issue of SQLI and online password guessing attacks on the login form as implemented in generic web applications. The solution combines the use of plain text credentials that are cryptographically hashed at runtime with recognition based graphical login credentials. The goal is to always guarantee access to a user account even when such an account is under attack while at the same time ensuring a convenient and secure login experience for legitimate users. This is achieved by blocking the Internet Protocol (IP) addresses from which there are unsuccessful login attempts. Security test shows that the solution is not vulnerable to SQLI and online password guessing attacks.

Authors and Affiliations

Tivkaa, M. L., Choji, D. N., Agaji, I., Atsa'am, D.

EP ID: EP96185

How To Cite

Tivkaa, M. L., Choji, D. N., Agaji, I., Atsa'am, D. (2016). An Enhanced Password-Username Authentication System Using Cryptographic Hashing and Recognition Based Graphical Password. IOSR Journals (IOSR Journal of Computer Engineering), 18(4), 54-58. https://europub.co.uk./articles/-A-96185