SlideShare a Scribd company logo

Generic Authentication System

IRJET Journal
IRJET Journal

https://www.irjet.net/archives/V3/i1/IRJET-V3I168.pdf

Engineering
1 of 3
Download to read offline
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395 -0056 Volume: 03 Issue: 01 | Jan-2016 www.irjet.net p-ISSN: 2395-0072 © 2016, IRJET ISO 9001:2008 Certified Journal Page 401 GENERIC AUTHENTICATION SYSTEM Veena Bhawani1, Varsha Chaudhary 2, Pranav Lawate 3, Dr. D.V. Patil4 1Bachelor of Engineering, Department Of Computer Engineering, GESRHSCOE, Nashik, Maharashtra, India 2 Bachelor of Engineering, Department Of Computer Engineering, GESRHSCOE, Nashik, Maharashtra, India 3 Bachelor of Engineering, Department Of Computer Engineering, GESRHSCOE, Nashik, Maharashtra, India 4 Assistant Professor, Department Of Computer Engineering, GESRHSCOE, Nashik, Maharashtra, India ---------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - Since the beginning of era of personal computation there is growing need of security in ample number of fields. With increased number of devices per person, authentication becomes crucial. For providing solution to this issue, a new paradigm of security primitives emerged. In Today’s world mostly alphanumeric passwords (string password) are used which are vulnerable to many types of attacks i.e. Dictionary attacks, DOS attacks ,Bot attacks etc. and graphical passwords suffer because of some vulnerabilities like Shoulder Surfing attacks. In this project we are designing an API which will be generic for authentication purpose provided to web application service providers named as “Generic Authentication System”. Our system accommodates and integrates legacy methods viz. string passwords and graphical passwords with abating drawbacks by collaboration and provides a novel and a better approach. GenAuth is not a panacea, but it offers reasonable security and usability and appears to fit well with some practical applications for improving online security.. Key Words: Alpha Numeric password, Graphical password, Dictionary attack, shoulder surfing attacks, GenAuth. 1. INTRODUCTION In Today’s world we deal with information. Information generally is, an answer to the question, as well as that which knowledge and data can be derived. This information may be personal information like bank account details, contact details, residential detail, etc. It may be social information like details sheared on social networking sites i.e. facebook, twitter, etc. Putting your data on some website’s server appears disconcerting to many provided. The website is legitimate and will not use your data without proper consent, there is a probability of leakage of your data because of compromised Security. As a Result, potentially sensitive data, bank details are at paramount risk. Authentication is the principal method to guarantee information security and the most common and convenient method is password authentication. Traditional alphanumeric passwords are strings of letters and digits, which are easy and familiar to essentially all users. However, there are several inherent defects and deficiencies in alphanumeric passwords, which easily evolve into security issues. Due to the limitation of human memory, most users tend to choose short or simple passwords which are easy to remember. Surveys show that frequent passwords are personal names of family members, birth date, or dictionary words. In most cases, these passwords are easy to guess and vulnerable to dictionary attack. Today users have many passwords for personal computers, social networks, E-mail, and more. They may decide to use one password for all systems to decrease the memory burden, which reduces security. Moreover, alphanumeric passwords are vulnerable to shoulder surfing attack, spyware attack and social engineering attack etc. Motivated by the promise of improved password usability and security, the concept of graphical passwords was proposed in 1996. Like alphanumeric passwords, graphical passwords are knowledge-based authentication mechanisms. The main goal of graphical passwords is to use images or shapes to replace text, since numerous cognitive and psychological studies demonstrated that people perform far better when remembering pictures than words. Graphical passwords are vulnerable to shoulder-surfing attacks through direct observation or video recording. Here we integrated string password and graphical passwords. So system provides better security and usability and appears to fit well with some practical applications. Our system aims at providing a novel and better way of authentication for web sites as well as applet supporting projects.
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395 -0056 Volume: 03 Issue: 01 | Jan-2016 www.irjet.net p-ISSN: 2395-0072 © 2016, IRJET ISO 9001:2008 Certified Journal Page 402 2. RELATED WORK According to the taxonomy devised by L.Vasiu and I.Vasiu[1], password attacks can be grouped into three different categories: guessing, cracking, and harvesting. If the password can easily be guessed, then this is a clear indication of a weak password set by the user. In some cases the password is set to be the same as the username, full name or birth date of the victim. If the password can be found using special software or algorithms, then that password is cracked. Finally, if the attacker manipulates their victims physically and/or psychologically so as to retrieve their passwords, this is referred to as password harvesting. The authors believe the system is still vulnerable to shoulder-surfing attacks through direct observation or video recording. Man et al[2]. propose an alternative form of graphical passwords, where icons presented to the user have a number of variations (creating convex hulls)and thus limiting the attacker’s ability to identify the correct password. A follow up study by the authors is still in progress, where they plan to mathematically prove the resistance of this system to shoulder-surfing. Suo[3] proposed a shoulder surfing resistant scheme based on PassPoints. During login, the image is blurred except for a small focus area. Users enter Y (for yes) or N (for no) on the keyboard, or use the right and left mouse buttons, to indicate if their click-point is within the focused area. This process repeats 5 to 10 times. It is easily guessed by attackers if the click points are too few. A similar technique, visKey[4], was developed by Sfr, and is a commercial version of PassPoints for the PPC (Pocket Personal Computer). This scheme is used for screen-unlock by tapping on a correct sequence of click- points with a stylus or finger. VisKey PPC combines easy handling with high security for mobile devices. Just a few clicks in a picture may offer a large theoretical password space. To reduce hotspots and improve usability of click based graphical password schemes, Chiasson et al[5]. proposed Cued Click-Points (CCP), a variation of Pass- Points in which users click on one point per image for a sequence of images. The next image is displayed based on the location of the previous click-point, that is, each image after the first is a deterministic function of the current image and the coordinates of the user-entered click-point. If users click an incorrect point, a wrong image will be displayed. It is meaningless to attackers without knowledge of the correct password. However, analysis of user choice revealed that users tended to select click- points falling within known hotspots. 3. GOALS AND OBJECTIVES: Objectives are as follows, 1. The main objective of our system is to offer reasonable security and usability. 2. Fit with practical online applications and improve online security. 4. PROPOSED WORK: The proposed system uses combination of alphanumeric password (string passwords) and graphical password to provide better authentication. Proposed system provides a novel idea for authentication using image with traditional String Password. Co-ordinates of the image and alphanumeric keys will be stored at master record (Server). We keep mapping the credentials with users account. As per this mapping authenticity of logging user can be determined. Here we integrated string password and graphical passwords, So system provides better security and usability and appears to fit well with some practical applications. 5. SYSTEM ARCHITECTURE: Fig -1: System Architecture The Architecture diagram shows Client Application is Redirects the user to authentication server through provided API. Authentication Algorithm (Server) is checks further valid co-ordinates. Valid co-ordinate and alphanumeric keys stored in Master Record. When authentication is valid it returns true. When authentication is invalid it returns false. 5. CONCLUSIONS We propose Generic Authentication System, a new novel and better security primitive relying on unsolved hard AI problems. Generic Authentication System is both graphical and an Alphanumeric password scheme. The notion of
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395 -0056 Volume: 03 Issue: 01 | Jan-2016 www.irjet.net p-ISSN: 2395-0072 © 2016, IRJET ISO 9001:2008 Certified Journal Page 403 Generic Authentication System introduces a new family of graphical passwords with together, which adopts a new approach to counter online guessing attacks which is used for every login attempt to make trials of an online guessing attack computationally independent of each other. A password of Generic Authentication System can be found only probabilistically by automatic online guessing attacks including brute-force attacks, a desired security property that other graphical password schemes lack. The proposed system is an API which will be Generic for Authentication purpose provided to web application service provided named as “Generic Authentication System”. It offer reasonable security and usability. Appears to fit with some practical online application for improving online security. It also, defence against online attacks. ACKNOWLEDGEMENT We would like to take this opportunity to thank our guide Dr. D.V. Patil for giving us all the help and guidance we needed. REFERENCES [1] L. Vasiu and I. Vasiu, “Dissecting Computer Fraud: From Definitional Issues to a Taxonomy,” presented at 37th Hawaii International Confernces on System Sciences, Hawaii, 2004. [2] S. Man, D. Hong, B. Hayes, and M. Matthews, “A password scheme strongly resistant to spyware,” presented at Int. Conf. on Security and Management, Las Vegas, NV, 2004. [3] X. Suo, Y. Zhu, and G. Owen. “Graphical passwords: A survey”. In Annual Computer Security Applications Conference (ACSAC), December 2005. [4] “Sfr”,www.sfr-software.de/cms/EN/pocketpc/viskey /index.html, site accessed in Oct, 2012. [5] S. Chiasson, P.C. van Oorschot, and R. Biddle. “Graphical password authentication using Cued Click Points”. In European Symposium On Research In Computer Security (ESORICS), LNCS 4734, September 2007, pp. 359-374. [6] Bin B. Zhu, Jeff Yan, Guanbo Bao, Maowei Yang, and Ning Xu, “Captcha as Graphical PasswordsA New Security Primitive Based on Hard AI Problems,” in IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 9, NO. 6, JUNE 2014. [7] Haichang Gao, Wei Jia, Fei Ye and Licheng Ma, “A Survey on the Use of Graphical Passwords in Security,” in Institute of Software Engineering, Xidian University, Xian, P.R.China, JOURNAL OF SOFTWARE, VOL. 8, NO. 7,JULY 2013. BIOGRAPHIES: Veena Bhawani is currently a student of GESRHSCOE, Nashik from the University of Savitribai Phule, Pune. Her main research interests include: a)Web-Mining b)Object oriented programming c) Web-Designing. Varsha Chaudhary is currently a student of GESRHSCOE, Nashik from the University of Savitribai Phule, Pune. Her main research interests include: a)Data-Mining b)Object oriented programming c) Web-Designing. Pranav Lawate is currently a student of GESRHSCOE, Nashik from the University of Savitribai Phule, Pune. His main research interests include: a)Security b) Java programming c) Server Administration.

Recommended

A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...
A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...
A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...
IRJET Journal
 
IRJET- Passmatrix Authentication to Overcome Shouldersurfing Attacks
IRJET- Passmatrix Authentication to Overcome Shouldersurfing AttacksIRJET- Passmatrix Authentication to Overcome Shouldersurfing Attacks
IRJET- Passmatrix Authentication to Overcome Shouldersurfing Attacks
IRJET Journal
 
IRJET- Password Management Kit for Secure Authentication
IRJET- Password Management Kit for Secure AuthenticationIRJET- Password Management Kit for Secure Authentication
IRJET- Password Management Kit for Secure Authentication
IRJET Journal
 
Image authentication for secure login
Image authentication for secure loginImage authentication for secure login
Image authentication for secure login
IRJET Journal
 
IRJET- Security Enhancements by Achieving Flatness in Honeyword for Web u...
IRJET- Security Enhancements by Achieving Flatness in Honeyword for Web u...IRJET- Security Enhancements by Achieving Flatness in Honeyword for Web u...
IRJET- Security Enhancements by Achieving Flatness in Honeyword for Web u...
IRJET Journal
 
Engineering Project of Venkata Krishna
Engineering Project of Venkata KrishnaEngineering Project of Venkata Krishna
Engineering Project of Venkata Krishna
banda5630
 
Secret Lock – Anti Theft: Integration of App Locker & Detection of Theft Usin...
Secret Lock – Anti Theft: Integration of App Locker & Detection of Theft Usin...Secret Lock – Anti Theft: Integration of App Locker & Detection of Theft Usin...
Secret Lock – Anti Theft: Integration of App Locker & Detection of Theft Usin...
IRJET Journal
 
Smart Password
Smart PasswordSmart Password
Smart Password
paperpublications3
 

Recommended

A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...
A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...
A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...
IRJET Journal
 
IRJET- Passmatrix Authentication to Overcome Shouldersurfing Attacks
IRJET- Passmatrix Authentication to Overcome Shouldersurfing AttacksIRJET- Passmatrix Authentication to Overcome Shouldersurfing Attacks
IRJET- Passmatrix Authentication to Overcome Shouldersurfing Attacks
IRJET Journal
 
IRJET- Password Management Kit for Secure Authentication
IRJET- Password Management Kit for Secure AuthenticationIRJET- Password Management Kit for Secure Authentication
IRJET- Password Management Kit for Secure Authentication
IRJET Journal
 
Image authentication for secure login
Image authentication for secure loginImage authentication for secure login
Image authentication for secure login
IRJET Journal
 
IRJET- Security Enhancements by Achieving Flatness in Honeyword for Web u...
IRJET- Security Enhancements by Achieving Flatness in Honeyword for Web u...IRJET- Security Enhancements by Achieving Flatness in Honeyword for Web u...
IRJET- Security Enhancements by Achieving Flatness in Honeyword for Web u...
IRJET Journal
 
Engineering Project of Venkata Krishna
Engineering Project of Venkata KrishnaEngineering Project of Venkata Krishna
Engineering Project of Venkata Krishna
banda5630
 
Secret Lock – Anti Theft: Integration of App Locker & Detection of Theft Usin...
Secret Lock – Anti Theft: Integration of App Locker & Detection of Theft Usin...Secret Lock – Anti Theft: Integration of App Locker & Detection of Theft Usin...
Secret Lock – Anti Theft: Integration of App Locker & Detection of Theft Usin...
IRJET Journal
 
Smart Password
Smart PasswordSmart Password
Smart Password
paperpublications3
 
IRJET - Secure Banking Application with Image and GPS Location
IRJET - Secure Banking Application with Image and GPS LocationIRJET - Secure Banking Application with Image and GPS Location
IRJET - Secure Banking Application with Image and GPS Location
IRJET Journal
 
IRJET- Smartphone Sensor based Security Questions and Location
IRJET- Smartphone Sensor based Security Questions and LocationIRJET- Smartphone Sensor based Security Questions and Location
IRJET- Smartphone Sensor based Security Questions and Location
IRJET Journal
 
Count based hybrid graphical password to prevent brute force attack and shoul...
Count based hybrid graphical password to prevent brute force attack and shoul...Count based hybrid graphical password to prevent brute force attack and shoul...
Count based hybrid graphical password to prevent brute force attack and shoul...
eSAT Publishing House
 
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
IJCST - ESRG Journals
 
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDAN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
IJNSA Journal
 
Ijsrdv8 i10355
Ijsrdv8 i10355Ijsrdv8 i10355
Ijsrdv8 i10355
aissmsblogs
 
IRJET- Two Way Authentication for Banking Systems
IRJET- Two Way Authentication for Banking SystemsIRJET- Two Way Authentication for Banking Systems
IRJET- Two Way Authentication for Banking Systems
IRJET Journal
 
M-Pass: Web Authentication Protocol
M-Pass: Web Authentication ProtocolM-Pass: Web Authentication Protocol
M-Pass: Web Authentication Protocol
IJERD Editor
 
IRJET-Enhancement of Security using 2-Factor Authentication, 2nd Factor being...
IRJET-Enhancement of Security using 2-Factor Authentication, 2nd Factor being...IRJET-Enhancement of Security using 2-Factor Authentication, 2nd Factor being...
IRJET-Enhancement of Security using 2-Factor Authentication, 2nd Factor being...
IRJET Journal
 
firozreport.pdf
firozreport.pdffirozreport.pdf
firozreport.pdf
Firozkumar2
 
finalreportsoarnew (1).pdf
finalreportsoarnew (1).pdffinalreportsoarnew (1).pdf
finalreportsoarnew (1).pdf
Firozkumar2
 
Us20140380431 Patent: COMPUTER IMPLEMENTED METHOD TO PREVENT ATTACKS AGAINST...
Us20140380431 Patent: COMPUTER IMPLEMENTED METHOD TO PREVENT ATTACKS AGAINST...Us20140380431 Patent: COMPUTER IMPLEMENTED METHOD TO PREVENT ATTACKS AGAINST...
Us20140380431 Patent: COMPUTER IMPLEMENTED METHOD TO PREVENT ATTACKS AGAINST...
Telefónica
 
J0704055058
J0704055058J0704055058
J0704055058
IJERD Editor
 
An Enhanced Security System for Web Authentication
An Enhanced Security System for Web Authentication An Enhanced Security System for Web Authentication
An Enhanced Security System for Web Authentication
IJMER
 
Effectiveness of various user authentication techniques
Effectiveness of various user authentication techniquesEffectiveness of various user authentication techniques
Effectiveness of various user authentication techniques
IAEME Publication
 
Automated Detection of Session Fixation Vulnerabilities
Automated Detection of Session Fixation VulnerabilitiesAutomated Detection of Session Fixation Vulnerabilities
Automated Detection of Session Fixation Vulnerabilities
Yuji Kosuga
 
An Anti-Phishing Framework Based on Visual Cryptography
An Anti-Phishing Framework Based on Visual CryptographyAn Anti-Phishing Framework Based on Visual Cryptography
An Anti-Phishing Framework Based on Visual Cryptography
IRJET Journal
 
Break Loose Acting To Forestall Emulation Blast
Break Loose Acting To Forestall Emulation BlastBreak Loose Acting To Forestall Emulation Blast
Break Loose Acting To Forestall Emulation Blast
IRJET Journal
 
Design and Implementation of Enhanced Single Sign on System for Education Sys...
Design and Implementation of Enhanced Single Sign on System for Education Sys...Design and Implementation of Enhanced Single Sign on System for Education Sys...
Design and Implementation of Enhanced Single Sign on System for Education Sys...
IRJET Journal
 
IRJET- Three Step Password Verification by using Random Key Order
IRJET- Three Step Password Verification by using Random Key OrderIRJET- Three Step Password Verification by using Random Key Order
IRJET- Three Step Password Verification by using Random Key Order
IRJET Journal
 
IRJET - Graphical Password Authentication for Banking System
IRJET - Graphical Password Authentication for Banking SystemIRJET - Graphical Password Authentication for Banking System
IRJET - Graphical Password Authentication for Banking System
IRJET Journal
 
IRJET - Image Authentication System using Passmatrix
IRJET - Image Authentication System using PassmatrixIRJET - Image Authentication System using Passmatrix
IRJET - Image Authentication System using Passmatrix
IRJET Journal
 

More Related Content

What's hot

Count based hybrid graphical password to prevent brute force attack and shoul...
Count based hybrid graphical password to prevent brute force attack and shoul...Count based hybrid graphical password to prevent brute force attack and shoul...
Count based hybrid graphical password to prevent brute force attack and shoul...
eSAT Publishing House
 
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
IJCST - ESRG Journals
 
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDAN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
IJNSA Journal
 
An Enhanced Security System for Web Authentication
An Enhanced Security System for Web Authentication An Enhanced Security System for Web Authentication
An Enhanced Security System for Web Authentication
IJMER
 

What's hot (20)

IRJET - Secure Banking Application with Image and GPS Location
IRJET - Secure Banking Application with Image and GPS LocationIRJET - Secure Banking Application with Image and GPS Location
IRJET - Secure Banking Application with Image and GPS Location
 
IRJET- Smartphone Sensor based Security Questions and Location
IRJET- Smartphone Sensor based Security Questions and LocationIRJET- Smartphone Sensor based Security Questions and Location
IRJET- Smartphone Sensor based Security Questions and Location
 
Count based hybrid graphical password to prevent brute force attack and shoul...
Count based hybrid graphical password to prevent brute force attack and shoul...Count based hybrid graphical password to prevent brute force attack and shoul...
Count based hybrid graphical password to prevent brute force attack and shoul...
 
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
 
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDAN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
 
Ijsrdv8 i10355
Ijsrdv8 i10355Ijsrdv8 i10355
Ijsrdv8 i10355
 
IRJET- Two Way Authentication for Banking Systems
IRJET- Two Way Authentication for Banking SystemsIRJET- Two Way Authentication for Banking Systems
IRJET- Two Way Authentication for Banking Systems
 
M-Pass: Web Authentication Protocol
M-Pass: Web Authentication ProtocolM-Pass: Web Authentication Protocol
M-Pass: Web Authentication Protocol
 
IRJET-Enhancement of Security using 2-Factor Authentication, 2nd Factor being...
IRJET-Enhancement of Security using 2-Factor Authentication, 2nd Factor being...IRJET-Enhancement of Security using 2-Factor Authentication, 2nd Factor being...
IRJET-Enhancement of Security using 2-Factor Authentication, 2nd Factor being...
 
firozreport.pdf
firozreport.pdffirozreport.pdf
firozreport.pdf
 
finalreportsoarnew (1).pdf
finalreportsoarnew (1).pdffinalreportsoarnew (1).pdf
finalreportsoarnew (1).pdf
 
Us20140380431 Patent: COMPUTER IMPLEMENTED METHOD TO PREVENT ATTACKS AGAINST...
Us20140380431 Patent: COMPUTER IMPLEMENTED METHOD TO PREVENT ATTACKS AGAINST...Us20140380431 Patent: COMPUTER IMPLEMENTED METHOD TO PREVENT ATTACKS AGAINST...
Us20140380431 Patent: COMPUTER IMPLEMENTED METHOD TO PREVENT ATTACKS AGAINST...
 
J0704055058
J0704055058J0704055058
J0704055058
 
An Enhanced Security System for Web Authentication
An Enhanced Security System for Web Authentication An Enhanced Security System for Web Authentication
An Enhanced Security System for Web Authentication
 
Effectiveness of various user authentication techniques
Effectiveness of various user authentication techniquesEffectiveness of various user authentication techniques
Effectiveness of various user authentication techniques
 
Automated Detection of Session Fixation Vulnerabilities
Automated Detection of Session Fixation VulnerabilitiesAutomated Detection of Session Fixation Vulnerabilities
Automated Detection of Session Fixation Vulnerabilities
 
An Anti-Phishing Framework Based on Visual Cryptography
An Anti-Phishing Framework Based on Visual CryptographyAn Anti-Phishing Framework Based on Visual Cryptography
An Anti-Phishing Framework Based on Visual Cryptography
 
Break Loose Acting To Forestall Emulation Blast
Break Loose Acting To Forestall Emulation BlastBreak Loose Acting To Forestall Emulation Blast
Break Loose Acting To Forestall Emulation Blast
 
Design and Implementation of Enhanced Single Sign on System for Education Sys...
Design and Implementation of Enhanced Single Sign on System for Education Sys...Design and Implementation of Enhanced Single Sign on System for Education Sys...
Design and Implementation of Enhanced Single Sign on System for Education Sys...
 
IRJET- Three Step Password Verification by using Random Key Order
IRJET- Three Step Password Verification by using Random Key OrderIRJET- Three Step Password Verification by using Random Key Order
IRJET- Three Step Password Verification by using Random Key Order
 

Similar to Generic Authentication System

Persuasive Cued Click Point Password with OTP
Persuasive Cued Click Point Password with OTPPersuasive Cued Click Point Password with OTP
Persuasive Cued Click Point Password with OTP
IJCSIS Research Publications
 

Similar to Generic Authentication System (20)

IRJET - Graphical Password Authentication for Banking System
IRJET - Graphical Password Authentication for Banking SystemIRJET - Graphical Password Authentication for Banking System
IRJET - Graphical Password Authentication for Banking System
 
IRJET - Image Authentication System using Passmatrix
IRJET - Image Authentication System using PassmatrixIRJET - Image Authentication System using Passmatrix
IRJET - Image Authentication System using Passmatrix
 
IRJET- A Noval and Efficient Revolving Flywheel Pin Entry Method Resilient to...
IRJET- A Noval and Efficient Revolving Flywheel Pin Entry Method Resilient to...IRJET- A Noval and Efficient Revolving Flywheel Pin Entry Method Resilient to...
IRJET- A Noval and Efficient Revolving Flywheel Pin Entry Method Resilient to...
 
IRJET- Graphical user Authentication for an Alphanumeric OTP
IRJET- Graphical user Authentication for an Alphanumeric OTPIRJET- Graphical user Authentication for an Alphanumeric OTP
IRJET- Graphical user Authentication for an Alphanumeric OTP
 
IRJET- A Shoulder Surfing Resistance using HMAC Algorithm
IRJET- A Shoulder Surfing Resistance using HMAC AlgorithmIRJET- A Shoulder Surfing Resistance using HMAC Algorithm
IRJET- A Shoulder Surfing Resistance using HMAC Algorithm
 
IRJET - TTL: Tap to Login
IRJET - TTL: Tap to LoginIRJET - TTL: Tap to Login
IRJET - TTL: Tap to Login
 
IRJET - Two Model Biometrics Authentication for Locker System
IRJET - Two Model Biometrics Authentication for Locker SystemIRJET - Two Model Biometrics Authentication for Locker System
IRJET - Two Model Biometrics Authentication for Locker System
 
Graphical Password Authentication using Image Segmentation
Graphical Password Authentication using Image SegmentationGraphical Password Authentication using Image Segmentation
Graphical Password Authentication using Image Segmentation
 
IRJET-PASSMATRIX- An Authentication System to Resist Shoulder Surfing Attacks
IRJET-PASSMATRIX- An Authentication System to Resist Shoulder Surfing AttacksIRJET-PASSMATRIX- An Authentication System to Resist Shoulder Surfing Attacks
IRJET-PASSMATRIX- An Authentication System to Resist Shoulder Surfing Attacks
 
Graphical Password Authentication
Graphical Password AuthenticationGraphical Password Authentication
Graphical Password Authentication
 
IRJET- Secure Online Payment with Facial Recognition using CNN
IRJET- Secure Online Payment with Facial Recognition using CNNIRJET- Secure Online Payment with Facial Recognition using CNN
IRJET- Secure Online Payment with Facial Recognition using CNN
 
IRJET- Eye Tracking for Password Authentication using Machine Learning
IRJET- Eye Tracking for Password Authentication using Machine LearningIRJET- Eye Tracking for Password Authentication using Machine Learning
IRJET- Eye Tracking for Password Authentication using Machine Learning
 
A Review on Two Level Authentication Using Image Selection and Voice Recognition
A Review on Two Level Authentication Using Image Selection and Voice RecognitionA Review on Two Level Authentication Using Image Selection and Voice Recognition
A Review on Two Level Authentication Using Image Selection and Voice Recognition
 
Review on Implementation Visual Cryptography & Steganography for Secure Authe...
Review on Implementation Visual Cryptography & Steganography for Secure Authe...Review on Implementation Visual Cryptography & Steganography for Secure Authe...
Review on Implementation Visual Cryptography & Steganography for Secure Authe...
 
IRJET- PASSMATRIX- An Authentication System to Resist Shoulder Surfing Att...
IRJET- PASSMATRIX- An Authentication System to Resist Shoulder Surfing Att...IRJET- PASSMATRIX- An Authentication System to Resist Shoulder Surfing Att...
IRJET- PASSMATRIX- An Authentication System to Resist Shoulder Surfing Att...
 
Persuasive Cued Click Point Password with OTP
Persuasive Cued Click Point Password with OTPPersuasive Cued Click Point Password with OTP
Persuasive Cued Click Point Password with OTP
 
Continuous User Identity Verification through Secure Login Session
Continuous User Identity Verification through Secure Login Session Continuous User Identity Verification through Secure Login Session
Continuous User Identity Verification through Secure Login Session
 
IRJET- Fingerprint based Folder Lock
IRJET- Fingerprint based Folder LockIRJET- Fingerprint based Folder Lock
IRJET- Fingerprint based Folder Lock
 
Remote User Authentication using blink mechanism - ‘Iblink’ with Machine Lear...
Remote User Authentication using blink mechanism - ‘Iblink’ with Machine Lear...Remote User Authentication using blink mechanism - ‘Iblink’ with Machine Lear...
Remote User Authentication using blink mechanism - ‘Iblink’ with Machine Lear...
 
Video Captcha as a Graphical Password
Video Captcha as a Graphical PasswordVideo Captcha as a Graphical Password
Video Captcha as a Graphical Password
 

More from IRJET Journal

More from IRJET Journal (20)

TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
 
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURESTUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
 
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
 
Effect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil CharacteristicsEffect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil Characteristics
 
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
 
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
 
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
 
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
 
A REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADASA REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADAS
 
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
 
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD ProP.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
 
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
 
Survey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare SystemSurvey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare System
 
Review on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridgesReview on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridges
 
React based fullstack edtech web application
React based fullstack edtech web applicationReact based fullstack edtech web application
React based fullstack edtech web application
 
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
 
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
 
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
 
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic DesignMultistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
 
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
 

Recently uploaded

notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.ppt
MsecMca
 
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Arindam Chakraborty, Ph.D., P.E. (CA, TX)
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak HamilCara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Kandungan 087776558899
 
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
dharasingh5698
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
dharasingh5698
 
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
SUHANI PANDEY
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
dollysharma2066
 

Recently uploaded (20)

notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.ppt
 
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
 
Double Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueDouble Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torque
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - V
 
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdf
 
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak HamilCara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
 
Unleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapUnleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leap
 
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
 
COST-EFFETIVE and Energy Efficient BUILDINGS ptx
COST-EFFETIVE and Energy Efficient BUILDINGS ptxCOST-EFFETIVE and Energy Efficient BUILDINGS ptx
COST-EFFETIVE and Energy Efficient BUILDINGS ptx
 
Unit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfUnit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdf
 
Work-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxWork-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptx
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
 
DC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equationDC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equation
 
Unit 2- Effective stress & Permeability.pdf
Unit 2- Effective stress & Permeability.pdfUnit 2- Effective stress & Permeability.pdf
Unit 2- Effective stress & Permeability.pdf
 
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPT
 
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 

Generic Authentication System

  • 1. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395 -0056 Volume: 03 Issue: 01 | Jan-2016 www.irjet.net p-ISSN: 2395-0072 © 2016, IRJET ISO 9001:2008 Certified Journal Page 401 GENERIC AUTHENTICATION SYSTEM Veena Bhawani1, Varsha Chaudhary 2, Pranav Lawate 3, Dr. D.V. Patil4 1Bachelor of Engineering, Department Of Computer Engineering, GESRHSCOE, Nashik, Maharashtra, India 2 Bachelor of Engineering, Department Of Computer Engineering, GESRHSCOE, Nashik, Maharashtra, India 3 Bachelor of Engineering, Department Of Computer Engineering, GESRHSCOE, Nashik, Maharashtra, India 4 Assistant Professor, Department Of Computer Engineering, GESRHSCOE, Nashik, Maharashtra, India ---------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - Since the beginning of era of personal computation there is growing need of security in ample number of fields. With increased number of devices per person, authentication becomes crucial. For providing solution to this issue, a new paradigm of security primitives emerged. In Today’s world mostly alphanumeric passwords (string password) are used which are vulnerable to many types of attacks i.e. Dictionary attacks, DOS attacks ,Bot attacks etc. and graphical passwords suffer because of some vulnerabilities like Shoulder Surfing attacks. In this project we are designing an API which will be generic for authentication purpose provided to web application service providers named as “Generic Authentication System”. Our system accommodates and integrates legacy methods viz. string passwords and graphical passwords with abating drawbacks by collaboration and provides a novel and a better approach. GenAuth is not a panacea, but it offers reasonable security and usability and appears to fit well with some practical applications for improving online security.. Key Words: Alpha Numeric password, Graphical password, Dictionary attack, shoulder surfing attacks, GenAuth. 1. INTRODUCTION In Today’s world we deal with information. Information generally is, an answer to the question, as well as that which knowledge and data can be derived. This information may be personal information like bank account details, contact details, residential detail, etc. It may be social information like details sheared on social networking sites i.e. facebook, twitter, etc. Putting your data on some website’s server appears disconcerting to many provided. The website is legitimate and will not use your data without proper consent, there is a probability of leakage of your data because of compromised Security. As a Result, potentially sensitive data, bank details are at paramount risk. Authentication is the principal method to guarantee information security and the most common and convenient method is password authentication. Traditional alphanumeric passwords are strings of letters and digits, which are easy and familiar to essentially all users. However, there are several inherent defects and deficiencies in alphanumeric passwords, which easily evolve into security issues. Due to the limitation of human memory, most users tend to choose short or simple passwords which are easy to remember. Surveys show that frequent passwords are personal names of family members, birth date, or dictionary words. In most cases, these passwords are easy to guess and vulnerable to dictionary attack. Today users have many passwords for personal computers, social networks, E-mail, and more. They may decide to use one password for all systems to decrease the memory burden, which reduces security. Moreover, alphanumeric passwords are vulnerable to shoulder surfing attack, spyware attack and social engineering attack etc. Motivated by the promise of improved password usability and security, the concept of graphical passwords was proposed in 1996. Like alphanumeric passwords, graphical passwords are knowledge-based authentication mechanisms. The main goal of graphical passwords is to use images or shapes to replace text, since numerous cognitive and psychological studies demonstrated that people perform far better when remembering pictures than words. Graphical passwords are vulnerable to shoulder-surfing attacks through direct observation or video recording. Here we integrated string password and graphical passwords. So system provides better security and usability and appears to fit well with some practical applications. Our system aims at providing a novel and better way of authentication for web sites as well as applet supporting projects.
  • 2. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395 -0056 Volume: 03 Issue: 01 | Jan-2016 www.irjet.net p-ISSN: 2395-0072 © 2016, IRJET ISO 9001:2008 Certified Journal Page 402 2. RELATED WORK According to the taxonomy devised by L.Vasiu and I.Vasiu[1], password attacks can be grouped into three different categories: guessing, cracking, and harvesting. If the password can easily be guessed, then this is a clear indication of a weak password set by the user. In some cases the password is set to be the same as the username, full name or birth date of the victim. If the password can be found using special software or algorithms, then that password is cracked. Finally, if the attacker manipulates their victims physically and/or psychologically so as to retrieve their passwords, this is referred to as password harvesting. The authors believe the system is still vulnerable to shoulder-surfing attacks through direct observation or video recording. Man et al[2]. propose an alternative form of graphical passwords, where icons presented to the user have a number of variations (creating convex hulls)and thus limiting the attacker’s ability to identify the correct password. A follow up study by the authors is still in progress, where they plan to mathematically prove the resistance of this system to shoulder-surfing. Suo[3] proposed a shoulder surfing resistant scheme based on PassPoints. During login, the image is blurred except for a small focus area. Users enter Y (for yes) or N (for no) on the keyboard, or use the right and left mouse buttons, to indicate if their click-point is within the focused area. This process repeats 5 to 10 times. It is easily guessed by attackers if the click points are too few. A similar technique, visKey[4], was developed by Sfr, and is a commercial version of PassPoints for the PPC (Pocket Personal Computer). This scheme is used for screen-unlock by tapping on a correct sequence of click- points with a stylus or finger. VisKey PPC combines easy handling with high security for mobile devices. Just a few clicks in a picture may offer a large theoretical password space. To reduce hotspots and improve usability of click based graphical password schemes, Chiasson et al[5]. proposed Cued Click-Points (CCP), a variation of Pass- Points in which users click on one point per image for a sequence of images. The next image is displayed based on the location of the previous click-point, that is, each image after the first is a deterministic function of the current image and the coordinates of the user-entered click-point. If users click an incorrect point, a wrong image will be displayed. It is meaningless to attackers without knowledge of the correct password. However, analysis of user choice revealed that users tended to select click- points falling within known hotspots. 3. GOALS AND OBJECTIVES: Objectives are as follows, 1. The main objective of our system is to offer reasonable security and usability. 2. Fit with practical online applications and improve online security. 4. PROPOSED WORK: The proposed system uses combination of alphanumeric password (string passwords) and graphical password to provide better authentication. Proposed system provides a novel idea for authentication using image with traditional String Password. Co-ordinates of the image and alphanumeric keys will be stored at master record (Server). We keep mapping the credentials with users account. As per this mapping authenticity of logging user can be determined. Here we integrated string password and graphical passwords, So system provides better security and usability and appears to fit well with some practical applications. 5. SYSTEM ARCHITECTURE: Fig -1: System Architecture The Architecture diagram shows Client Application is Redirects the user to authentication server through provided API. Authentication Algorithm (Server) is checks further valid co-ordinates. Valid co-ordinate and alphanumeric keys stored in Master Record. When authentication is valid it returns true. When authentication is invalid it returns false. 5. CONCLUSIONS We propose Generic Authentication System, a new novel and better security primitive relying on unsolved hard AI problems. Generic Authentication System is both graphical and an Alphanumeric password scheme. The notion of
  • 3. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395 -0056 Volume: 03 Issue: 01 | Jan-2016 www.irjet.net p-ISSN: 2395-0072 © 2016, IRJET ISO 9001:2008 Certified Journal Page 403 Generic Authentication System introduces a new family of graphical passwords with together, which adopts a new approach to counter online guessing attacks which is used for every login attempt to make trials of an online guessing attack computationally independent of each other. A password of Generic Authentication System can be found only probabilistically by automatic online guessing attacks including brute-force attacks, a desired security property that other graphical password schemes lack. The proposed system is an API which will be Generic for Authentication purpose provided to web application service provided named as “Generic Authentication System”. It offer reasonable security and usability. Appears to fit with some practical online application for improving online security. It also, defence against online attacks. ACKNOWLEDGEMENT We would like to take this opportunity to thank our guide Dr. D.V. Patil for giving us all the help and guidance we needed. REFERENCES [1] L. Vasiu and I. Vasiu, “Dissecting Computer Fraud: From Definitional Issues to a Taxonomy,” presented at 37th Hawaii International Confernces on System Sciences, Hawaii, 2004. [2] S. Man, D. Hong, B. Hayes, and M. Matthews, “A password scheme strongly resistant to spyware,” presented at Int. Conf. on Security and Management, Las Vegas, NV, 2004. [3] X. Suo, Y. Zhu, and G. Owen. “Graphical passwords: A survey”. In Annual Computer Security Applications Conference (ACSAC), December 2005. [4] “Sfr”,www.sfr-software.de/cms/EN/pocketpc/viskey /index.html, site accessed in Oct, 2012. [5] S. Chiasson, P.C. van Oorschot, and R. Biddle. “Graphical password authentication using Cued Click Points”. In European Symposium On Research In Computer Security (ESORICS), LNCS 4734, September 2007, pp. 359-374. [6] Bin B. Zhu, Jeff Yan, Guanbo Bao, Maowei Yang, and Ning Xu, “Captcha as Graphical PasswordsA New Security Primitive Based on Hard AI Problems,” in IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 9, NO. 6, JUNE 2014. [7] Haichang Gao, Wei Jia, Fei Ye and Licheng Ma, “A Survey on the Use of Graphical Passwords in Security,” in Institute of Software Engineering, Xidian University, Xian, P.R.China, JOURNAL OF SOFTWARE, VOL. 8, NO. 7,JULY 2013. BIOGRAPHIES: Veena Bhawani is currently a student of GESRHSCOE, Nashik from the University of Savitribai Phule, Pune. Her main research interests include: a)Web-Mining b)Object oriented programming c) Web-Designing. Varsha Chaudhary is currently a student of GESRHSCOE, Nashik from the University of Savitribai Phule, Pune. Her main research interests include: a)Data-Mining b)Object oriented programming c) Web-Designing. Pranav Lawate is currently a student of GESRHSCOE, Nashik from the University of Savitribai Phule, Pune. His main research interests include: a)Security b) Java programming c) Server Administration.