Boosting Authentication Security by Building Strong Password and Individualizing Easy to Remember Techniques

Authors

  • Nooruldeen Nasih Qader Department of Computer Science, College of Science, University of Sulaimani, Sulaymaniyah, Iraq nuraddin.qadir@univsul.edu.iq, College of Science and Technology, University of Human Development, Sulaymaniyah, Kurdistan Region, Iraq http://orcid.org/0000-0001-7822-6868

DOI:

https://doi.org/10.21928/juhd.v2n3y2016.pp520-527

Keywords:

Password Manager, Authentication Security, Encryption, Hacker Usability

Abstract

Newly released researches disclose the need of canceling the incorrect opinion; security by Password (PW) is dead and proves that these believe has been hurtful. Moreover, recommended a campaign prioritize strategies of building PW. Considering the PW features such as costless, maturity and vast experiences, and usability PW continues to be the most used options in Information Security (IS), it is furthermore, consider most challengers to researchers and really needs further boosting. PWs control authentication mechanism of IS, requiring that individuals choose strong PW. The best advice to protect from hackers is randomly generating unique PW for every site and service, to apply this advice we need more techniques of easy to remember and hard to guess. This study proposed a bunch of easy to remember techniques for building a strong PW. Also, it exhibited the importance of similar strategy despite existing of many helpful PW managers. On the other hand, this paper compiled and analyzed today’s data regarding authenticating secure systems via PW. Analyzed data showed some of common weakness in PW selection. Moreover, gathered information and evaluated data indicated the need of boosting PW. Proposed techniques and solutions enable individuals to select appropriate PW easily.

References

[1] 3 Ways to Create a Password You Can Remember - wikiHow: http://www.wikihow.com/Create-a-Password-You-Can-Remember. Accessed: 2014-04-29.
[2] Burnett, M. 2006. Perfect password: Selection, protection, authentication. Syngress Publishing, Inc.
[3] Carnavalet, X. de and Mannan, M. 2013. From very weak to very strong: Analyzing password-strength meters. Network and Distributed System. (2013).
[4] Charoen, D. 2014. Password Security. 8 (2014), 1–14.
[5] Chen, N. and Jiang, R. 2014. Security Analysis and Improvement of User Authentication Framework for Cloud Computing. Journal of Networks. 9, 1 (2014), 198–203.
[6] Cheng, B. et al. 2014. Corporate social responsibility and access to finance. Strategic Management Journal. 35, 1 (Jan. 2014), 1–23.
[7] Cheswick, W. 2013. Rethinking passwords. Communications of the ACM. (2013).
[8] Das, A. et al. 2014. The Tangled Web of Password Reuse. February (2014), 23–26.
[9] Florencio, D. and Herley, C. 2007. A large-scale study of web password habits. International World Wide Web Conference Committee. (2007).
[10] Herley, C. and Van Oorschot, P. 2012. A Research Agenda Acknowledging the Persistence of Passwords. IEEE Security & Privacy Magazine. 10, 1 (Jan. 2012), 28–36.
[11] Jakobsson, M. and Akavipat, R. 2012. Rethinking passwords to adapt to constrained keyboards. Proc. IEEE MoST. (2012).
[12] Karthika, M. and Ravi, R. 2014. CCT: An Efficient and Affordable User Authentication Protocol Defiant to Password Pinching and Reclaiming. International Journal of Advance Research in Computer Science and Management Studies. 2, 2 (2014), 304–310.
[13] Kumar, V. and Raheja, G.S.S. 2013. Cryptography. International Journal of Computers & Technology. 4, 1 (2013), 29–32.
[14] Olusegun, O. and Ithnin, N. 2013. People are the answer to security: Establishing a Sustainable Information Security Awareness Training (ISAT) program in organization. International Journal of Computer Science and Information Security. 11, 8 (2013).
[15] Password Requirements Quick Guide | IT Services: http://itservices.stanford.edu/service/accounts/passwords/quickguide. Accessed: 2014-04-29.
[16] Phetmak, N. et al. 2014. Travel Password: A Secure and Memorable Password Scheme. Intelligent Information and Database Systems, (2014).
[17] Qader, N.N. 2014. Privacy Preserving Against Untrusted Browser Origins and Personalized Powerful Password Management. International Journal of Multidisciplinary and Current Research. April (2014), 377–385.
[18] Qader, N.N. 2014. Strategic Framework Of Multilayer Checkpoint For Database. International Journal of Computer Engineering and Applications. V, III (2014), 53–60.
[19] Rajakumari, K. 2014. The Large-Scale Online Password Guessing Attacks Against with Revisiting Defenses. 20, 1 (2014), 29–33.
[20] Sekhar, V. and Sarvabhatla, M. 2014. A Robust Biometric-Based Three-factor Remote User Authentication Scheme. arXiv preprint arXiv:1401.1318. (2014), 2–3.
[21] Vijayan, V. 2014. A Review on Password Cracking Strategies. IJRCCT. (2014), 8–15.
[22] Yue, C. 2013. All Your Browser-saved Passwords Could Belong to Us: a Security Analysis and a Cloud-based New Design. (2013), 333–340.
[23] YUVARAJ, M. et al. 2014. Implementation of Password Guessing Resistant Protocol (PGRP) to Prevent Online Attacks. International Journal of Computer Science and Mobile Computing. 3, 2 (2014), 815–826.

Published

2016-08-31

Issue

Section

Articles