A Secure System to Generate and Maintain Multi- Domain Password to Defend against Password Attacks
Password is a secret word or string of character that is used for user authentication to prove identity or for access approval to gain access to a resource. Basically, password is used in every interaction between user and information system. Unfortunately, with such a central role in security, passwords are prone to attacks. Password attack is a method of gaining unauthorized accessed to one’s computer or to a personal account. This attack reduces the convenience of authorized users. Different types of methods and protocols are used to reduce such attacks and prevent user’s data to be accessed from unauthorized users. On the other hand users also generally prefer common and easy passwords which are weak and make online guessing attacks much easier. The password guessing resistant protocol overcomes these online guessing attacks mainly brute force and dictionary attacks. This is achieved by limiting the number of attempts made during login. The goal is to provide convenient and secured login to the authorized users which is by blocking the IP address from which there are more number of failed login attempts. Enabling convenient login for authorized users while preventing attacks is a difficult problem. We proposes a new “Gold Code Sequence Generator” (GCSG), derived upon revisiting prior proposals designed to restrict such attacks. While GCSG generates new password every time whenever an authorized user log’s in and password is stored in hash form instead of any row form.
Key words- Gold Code Sequence Generator (GCSC), Password Guessing Resistant Protocol (PGRP), Password attacks, security.