文章基本信息

标题：Secured Password Hacking Process Using Multi Authentication Process
本地全文：下载
作者：P.KAVITHA
期刊名称：International Journal of Innovative Research in Computer and Communication Engineering
印刷版ISSN：2320-9798
电子版ISSN：2320-9801
出版年度：2013
卷号：1
期号：10
出版社：S&S Publications
摘要：Online Guessing attacks on Password Based Systems are inevitable and commonly observed againstWeb Applications. Server Verifies User Name from the Cookie of the User’s Machine, System IP, Catcha, Password ofthe User, Number of Failure Attempts by the User, Web Browser. This Process of Verification is called as AutomatedTuring Tests (ATT). Authentication of User will start by asking Secret Questions which was answered during theRegistration Phase.Brute force and dictionary attacks on password-only remote login services are now widespread andever increasing. Enabling convenient login for legitimate users while preventing such attacks is a difficult problem.Automated Turing Tests (ATTs) continue to be an effective, easy-to-deploy approach to identify automated maliciouslogin attempts with reasonable cost of inconvenience to users. Inadequacy of existing and proposed login protocolsdesigned to address large scale online dictionary attacks .we propose a new Password Guessing Resistant Protocol(PGRP), derived upon revisiting prior proposals designed to restrict such attacks. While PGRP limits the total numberof login attempts from unknown remote hosts to as low as a single attempt per username, legitimate users in most casescan make several failed login attempts before being challenged with an ATT. We analyze the performance of PGRPwith two real-world datasets.