Document Type : Primary Research paper
Assistant Professor’s, Department of CSE Nehru Institute of Technology, Coimbatore.
Assistant Professor’s, Department of CSE, Nehru Institute of Technology, Coimbatore.
When we consider the online service or desktop application there is major issue
of security breaching. Old password schemes has some drawbacks like hacking of password,
shoulder-surfing attack as far as password is concern, online password guessing attack, relay attack.
Hence there must be system that provides good solution for such password cracking attacks. There
are many solutions for it and various password schemes available that achieves this. The main
drawback of these schemes is users have to deal with complicated and tedious steps as far as
registration and login of user is concern as its logic contains some intense AI
processes. In our proposed scheme introduced a session password is a password uniquely generated
for every session. The scheme allows the system to automatically generate a session
password each time the user logs in. The session password is generated randomly based on the
randomly generated grid. The grid is used as a medium for password generation. Now the system
stores this password and uses it to generate a unique session password while user logs in the next
time. This session based authentication system uses the user password and compares alphabets
contained alongside a 6*6 grid with letters a-z and numbers 0-9. The user needs to know the
original password and the generation scheme to enter the exact password. Further graphical
passwords are coming to the existence but the graphical passwords have their own disadvantages
like they require more time to Authenticate and the usability issues. Thus we proposed a session
password scheme in which the passwords are used only once for each and when session is terminated
the password is no longer in use. It provides all benefits of session and makes system more powerful
from security point of view.