Advance Secure Login

Advance secure login is an advance technique used as a counter measure for the shoulder surfing attack.First of all the user creates an authentication account and the information regarding his/her username and password is saved in the DATABASE. For a strong password it is advisable that the password length should be between 7 to 20 characters. Most importantly, this database is hidden from the user and only accessible to the system ADMINISTRATOR of the particular system .Let us suppose that, at a later point of time, someone wants to logon to a system (here system need not be a standalone one, a user could perform remote login too) which contains the information about several users who have already registered and have the right to use the system. The incoming user will be asked to enter his authentication information, Username &Password as is usually done for a secured system. We have an “interactive screen” where, as usual, the username & password need to be entered. The username will be entered in the usual fashion as is done in most computer systems. But the trick lies while entering the password. The software uses an inbuilt technique to make the users enter their password. As the cursor is clicked on the password field a popup box appears. It contains a 7*7 “MATRIX”. But only the Columns are numbered (1-7). The elements of the matrix will be a RANDOMLY generated setof alphabets, numerals and symbols “without” REPITITION of any alphabet, numerals or symbols in the matrix.Thus we include 12 special CHARACTERS in the first two rows followed by the APLHABETS and then the NUMBERS. The special characters are shuffled in the first two columns and are not mixed with the numbers or alphabets. While the numbersand alphabets are shuffled separately.Now here’s the trick. The user when asked for the “PASSOWRD” then he/she will type the “column position” of each password character. Now the major advantage is that even if the person would type the position of his password characters then too the person looking over his password would be confuse as there are 8 characters in each columns.Now in case if the same person comes a second time to login his username and password then first of all the matrix would be“shuffled” automatically and then positions of the characterswould change.Thus we can see that we have a wide range of combinations for selecting the password. So it will be very difficult for an unauthorized person to enter into a system by merely guessing a password of another user.

http://www.ijsrp.org/research_paper_dec2011/ijsrp-dec-2011-08.pdf