Open Access   Article Go Back

A Survey Paper on Password Security Techniques

Ankita Hinduja1 , Pradip Sharma2

Section:Survey Paper, Product Type: Journal Paper
Volume-7 , Issue-10 , Page no. 130-136, Oct-2019

CrossRef-DOI:   https://doi.org/10.26438/ijcse/v7i10.130136

Online published on Oct 31, 2019

Copyright © Ankita Hinduja, Pradip Sharma . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

View this paper at   Google Scholar | DPI Digital Library

How to Cite this Paper

  • IEEE Citation
  • MLA Citation
  • APA Citation
  • BibTex Citation
  • RIS Citation

IEEE Style Citation: Ankita Hinduja, Pradip Sharma, “A Survey Paper on Password Security Techniques,” International Journal of Computer Sciences and Engineering, Vol.7, Issue.10, pp.130-136, 2019.

MLA Style Citation: Ankita Hinduja, Pradip Sharma "A Survey Paper on Password Security Techniques." International Journal of Computer Sciences and Engineering 7.10 (2019): 130-136.

APA Style Citation: Ankita Hinduja, Pradip Sharma, (2019). A Survey Paper on Password Security Techniques. International Journal of Computer Sciences and Engineering, 7(10), 130-136.

BibTex Style Citation:
@article{Hinduja_2019,
author = {Ankita Hinduja, Pradip Sharma},
title = {A Survey Paper on Password Security Techniques},
journal = {International Journal of Computer Sciences and Engineering},
issue_date = {10 2019},
volume = {7},
Issue = {10},
month = {10},
year = {2019},
issn = {2347-2693},
pages = {130-136},
url = {https://www.ijcseonline.org/full_paper_view.php?paper_id=4908},
doi = {https://doi.org/10.26438/ijcse/v7i10.130136}
publisher = {IJCSE, Indore, INDIA},
}

RIS Style Citation:
TY - JOUR
DO = {https://doi.org/10.26438/ijcse/v7i10.130136}
UR - https://www.ijcseonline.org/full_paper_view.php?paper_id=4908
TI - A Survey Paper on Password Security Techniques
T2 - International Journal of Computer Sciences and Engineering
AU - Ankita Hinduja, Pradip Sharma
PY - 2019
DA - 2019/10/31
PB - IJCSE, Indore, INDIA
SP - 130-136
IS - 10
VL - 7
SN - 2347-2693
ER -

VIEWS PDF XML
395 319 downloads 189 downloads
  
  
           

Abstract

This paper proposes a scheme for password management by storing password encryptions on a server. The method involves having the encryption key into a share for the user and one for the server. The user’s share shall be based only on a selected passphrase. The server’s share shall be generated from the user’s allocate and the encryption key. The security and conviction are achieved by performing both encryption and decryption on the client side. We also address the issue of countering dictionary attack by providing a further enhancement of the scheme. Password is the most ordinary method for users to authenticate themselves when entering computer systems or websites. It acts as the first line of guard against unlawful access, and it is therefore critical to maintain the usefulness of this line of guard by strictly committed a good password management policy. This paper aims to grant a set of guiding principle and best practices for handling and managing passwords.

Key-Words / Index Term

Password Encryption, Password Storage, Identity Management, Secret Sharing

References

[1] Florêncio, D. and Herley, C. (2007) A Large-Scale Study of Web Password Habits. Proceedings of the 16th International Conference on World Wide Web, Banff, May 2007, 657-666. http://dx.doi.org/10.1145/1242572.1242661
[2] Hayday, G. (2002) Security Nightmare: How Do You Maintain 21 Different Passwords? Silicon.com.
[3] (2016) Roboform Reference Manual. Siber Systems Inc.
[4] Zhao, R. and Yue, C. (2013) All Your Browser-Saved Passwords Could Belong to Us: A Security Analysis and Acloud-Based New Design. Proceedings of the 3rd ACM Conference on Data and Application Security and Privacy, San Antonio, February, 2013, 333-340. http://dx.doi.org/10.1145/2435349.2435397
[5] Silver, D., Jana, S., Boneh, D., Chen, E. and Jackson, C. (2014) Password Managers: Attacks and Defenses. 23rd USENIX Security Symposium (USENIX Security 14), San Diago, August 2014, 449-464.
[6] Li, Z., He, W., Akhawe, D. and Song, D. (2014) The Emperor’s New Password Manager: Security Analysis Ofweb- Based Password Managers. 23rd USENIX Security Symposium (USENIX Security 14), San Diago, August 2014, 465- 480.
[7] Haque, T., Wright, M. and Scielzo, S. (2013) A Study of User Password Strategy for Multiple Accounts. Proceedings of the 3rd ACM Conference on Data and Application Security and Privacy, 173-176. http://dx.doi.org/10.1145/2435349.2435373
[8] Giuliani, K. and Murty, V.K. (2014) Split key Secure Access System. U.S. Patent No. 8,892,881.
[9] Kenneth Giuliani1, V. Kumar Murty1, Guangwu Xu2 Copyright © 2016 by authors and Scientific Research Publishing Inc. . http://www.scirp.org/journal/jis http://dx.doi.org/10.4236/jis.2016.73016
[10] Keyur Parmar, Devesh C. Jinwala http://file.scirp.org/pdf/JIS_2015010814240810.pdf
[11] Eman Alharbi, Noha Alsulami, http://file.scirp.org/pdf/JIS_2015031214001850.pdf
[12] Santanu Chatterjee, Sandip Roy, Ashok Kumar Das, Samiran Chattopadhyay, Neeraj Kumar, Member, IEEE, and Athanasios V. Vasilakos, Senior Member, IEEE[12]
[13] Ari Juels | Cornell Tech Thomas Ristenpart | University of Wisconsin Honey Encryption Encryption beyond the Brute-Force Barrier,
[14] Bruno Blanchet Automatically Verified Mechanized Proof of One-Encryption Key Exchange
[15] Joseph Bonneau The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes 2012 IEEE Symposium on Security and Privacy