Hardening the Virtual Password Authentication Scheme

Although Internet has become one of most important parts and mostly needed by societies, that does not mean Internet is a safe place to share sensitive data. One of many unsolved Internet attacks is key-logger which is used to steal victim's data such as passwords. Researchers have done a lot of research to overcome these attacks. However, the authentication system still lacks password complexities which can be compromised with short cracking time and limited generated passwords. Therefore, we proposed a virtual password method that has the following rules: i) has minimum and maximum limit of password and ii) the generated passwords are not limited only to letters, but also numbers and symbols. With those rules, by using Kaspersky Lab secure password measurement, the cracking time can be significantly increased to 9 centuries on the conficker botnet with 10 million cores of processors. Moreover, by using Password Meter the proposed method gets score of 171.

[1]  Li Liu,et al.  A Virtual Password Scheme to Protect Passwords , 2008, 2008 IEEE International Conference on Communications.

[2]  V. Saranya,et al.  Stronger authentication for password using virtual password and secret little functions , 2014, International Conference on Information Communication and Embedded Systems (ICICES2014).

[3]  Muhammad Affandes GRID CARD: MODEL OTENTIKASI UNTUK MENCEGAH PENCURIAN DATA OTENTIKASI , 2017 .

[4]  Bala Srinivasan,et al.  An effective crypto-biometric system for secure email in wireless environment , 2009, MoMM.

[5]  Y. V. Subba Rao,et al.  Enhanced Key Life in Online Authentication Systems Using Virtual Password , 2011, 2011 Eighth International Conference on Information Technology: New Generations.

[6]  Bala Srinivasan,et al.  Increasing level of confidence of iris biometric matching , 2012, The 2012 International Joint Conference on Neural Networks (IJCNN).

[7]  Abdulla Shaik,et al.  Enhanced Online Authentication Using Virtual Password , 2016 .

[8]  Yang Xiao,et al.  Differentiated Virtual Passwords, Secret Little Functions, and Codebooks for Protecting Users From Password Theft , 2014, IEEE Systems Journal.