Last day of the OFFER FLAT 20% off & $20 sign up bonus Order Now
Last day of the offer FLAT 20% off & $20 sign up bonus
The deployment of the web services makes use of login credential for securely transmission of information to provide the relevant information to the authorised person only. “The password is created by the user according to their choice which they can remind easily” (Garg, 2013). It helps in increasing the efficiency between users and security provided. The knowledge based authentication schemes are used for increasing the effectiveness of the information and the usability program. The development of the password is categorised into two types that are strong passwords and weak passwords. The strong passwords are those passwords which are not easily cracks down by the hackers and the weak passwords are those passwords which can be easily cracked by the hackers. “The authentication system is used for providing information to the authorised person only” (Melicher, 2016). The authorization will be granted on filling the login credentials details correctly without the expiry of the session.
The objective of this paper is to focus on the password, attacks associated with the password, different methods used for password attacks, and others. The focus is also given on the countermeasures which should be taken to prevent the password from hacking. The discussion will be done on the different authentication methods which are used for preserving the confidentiality of the password. The analysis of the countermeasures helps in identifying the positive effects of authentication system.
The password is the word which is used for representing the collection of different phases which are used for securing the confidential information available on the internet. The password rules, policies, and guidelines should be used for generating it. It should be remembered by the user for carrying over the accessing of the confidential information. The strong passwords are those passwords which are not easily cracked down by the hackers and the weak passwords are those passwords which can be easily cracked by the hackers. The short length password is easy to remember but not secure while working on the internet.
The password attacks are classified into login details which are used for accessing the resources and gaining control over the network. The growth in innovation in the field of new tools and technologies associated with the flow of web services raises the concern of password attacks. It opens the door for the hacker to access the login details of the user. The loss of credit card information, bank account details, and other confidential information can affect the life of the user. The attacker can steal information from the databases if no preventive measures are proactively taken.
There are various prevention methods which are used to secure password from hacking. The creation of strong password makes use of password policies to be undertaken while creating the password for web services. The use of password policies ensures that the password should be composed of 7 characters which include capital and small alphabets along with some special characters. The use of dictionary words and logical sequence should be omitted to design the password. “The problem of dictionary attack can be resolved by creating the password by amalgamating different words of dictionary instead of using a single word from it” (Gasti, 2014). The amalgamation should be done in such a way which is easy to memorise. The techniques which are used to maintain the confidentiality of the passwords are depicted in the table below:
Serial No. | Description |
1. | The reversing of the dictionary word can help in developing secure password. |
2. | The addition of number before and after the reversed string |
3. | The use of one special character helps in preventing the password from hacking. |
4. | The amalgamation of small and capital alphabets increases the security of the password. |
5. | Some of the alphabets should be replaced with the numbers |
6. | “The password should not be generated by using numbers or alphabets only. They can be easily hacked by the hackers” (Pinkas, 2015). |
7. | Use of quotations and long sentences with the use of punctuation marks is not easy to track. |
8. | Use of Misspelling words |
9. | The password should be changed periodically |
10. | Every account or web services should make use of different passwords |
11. | The lengthy password should be created |
12. | Password protected screen savers should be used |
13. | Th password should not be shared with anyone |
14. | The password should not be written on the central location of data gathering. |
15. | Security auditing tools should be used to keep track of password security. |
Prevention method used for Brute force cracking method: The system can be secured with the brute force attack with the creation of strong password. The strong password can be created by making use of password policies and above discussed methods.
Prevention methods for dictionary cracking attacks: “The problem of dictionary attack can be resolved by creating the password by amalgamating different words of dictionary instead of using a single word from it” (Wu, 2012). The amalgamation should be done in such a way which is easy to memorise.
Prevention method for Key logger attack: “The key logger attack can be prevented by making use of virtual keyboard for filling the confidential details to access the web services” (Silver, 2016). The one time password generation method is the most successful method to carry out the transaction securely.
Prevention method for rainbow attack: “The rainbow table should not be created for the password. The creation of table requires lot of time and resources so it is not used in real situation” (Wang, 2013).
Prevention methods for Phishing attacks: The clicking of unknown links should be avoided. The credentials should not be provided to the unknown person. The emotion should be controlled with the distribution of fake messages.
Prevention methods for social engineering attacks: “The unknown person should not be given authority to access the database of the organization in the critical situation also” (Gaw, 2006). The legal obligations should be used for providing authorization of confidential information to the unknown person.
The authentication methods are summarised in the table below:
Authentication method | Description |
Pass Phrases method | It is used for generating the private key for remembering the strong password |
Conventional method | The authentication credential of the user checks with the detail of the user presented in the database. |
Deployment of public key infrastructure | “This method is used for avoiding eavesdropping attacks on the user account. The public key is used for exchanging information among the participating unit” (Kulkarni, 2013). |
Keystroke Dynamic method | This method is used for analysing the time taken to press the keys and the time taken in pressing the two consecutive keys. |
Click pattern | “This method is used for generating stronger passwords by making use of clicking patterns” (Charathsandran, 2015) |
Graphical password | The selected objects are used as a password |
One time password | Generation of one time password is the most secure method used for carrying the transaction securely. |
Use of Biometrics | Biometrics are used for providing authentication by making use of image of finger prints, face, retina of the eyes, and others. |
Authentication panels | The authentication panel is used for rectifying the vulnerabilities associated with the components which are regularly used. |
Digital Signature | The hash value is created for the digital signal which is used for accessing the information. |
The authentication system is used for providing information to the authorised person only. The analysis of the attack should be carried out before adopting the password prevention technique for securing the user password which helps in maintaining the confidentiality of the information which is available on the internet. It should be considered that the short length password is easy to remember but not secure while working on the internet.
Charathsandran, G. (2015). Text password survey: Transition from first generation to second generation. Retrieved from http://blogs.ubc.ca/computersecurity/files/2012/04/Text-Password-Survey_GAYA.pdf
Contini, S. (2015). Methods to protect passwords in databases for web application. Retrieved from https://eprint.iacr.org/2015/387.pdf
Garg, N. (2013). Revisiting defence against large scale online password guessing attacks. Retrieved from http://www.ijsrp.org/research-paper-0413/ijsrp-p1627.pdf
Gasti, P. (2014). On the security of password manager database formats. Retrieved from https://www.cs.ox.ac.uk/files/6487/pwvault.pdf
Gaw, S. (2006). Password management strategies for online account. Retrieved from https://cups.cs.cmu.edu/soups/2006/proceedings/p44_gaw.pdf
Kulkarni, S. (2015). A survey of password attacks, countermeasures and comparative analysis of secure authentication methods. Retrieved from http://www.ijarcsms.com/docs/paper/volume3/issue11/V3I11-0046.pdf
Melicher, W. (2016). Usability and security of text passwords on mobile devices. Retrieved from https://www.ece.cmu.edu/~lbauer/papers/2016/chi2016-mobile-pwds.pdf
Owens, J. (2008). A study of password and methods used in Brute force attacks. Retrieved from http://people.clarkson.edu/~owensjp/pubs/leet08.pdf
Pinkas, B. (2015). Security password against dictionary attacks. Retrieved from http://www.pinkas.net/PAPERS/pwdweb.pdf
Silver, D. (2016). Password manager attack and defence. Retrieved from https://crypto.stanford.edu/~dabo/papers/pwdmgrBrowser.pdf
Towhidi, F. (2011). The knowledge based authentication attacks. Retrieved from http://weblidi.info.unlp.edu.ar/worldcomp2011-mirror/SAM8123.pdf
Wang, P. (2013). Strengthening password based authentication protocols against online dictionary attacks. Retrieved from https://www.dtc.umn.edu/publications/reports/2005_05.pdf
Wu, T. (2012). A real world analysis of Kerberos password security. Retrieved from http://www.gnu.org/software/shishi/wu99realworld.pdf
No matter how close the deadline is, you will find quick solutions for your urgent assignments.
All assessments are written by experts based on research and credible sources. It also quality-approved by editors and proofreaders.
Our team consists of writers and PhD scholars with profound knowledge in their subject of study and deliver A+ quality solution.
We offer academic help services for a wide array of subjects.
We care about our students and guarantee the best price in the market to help them avail top academic services that fit any budget.
I've tried plenty of assignment services before, but Assignmenthelp.us takes the cake. My assigned writer made sure to clarify all the points of my assignment and reassured me he'd get it done in 3 days. I was surprised when he delivered the paper the next day! The writing quality was exceptionally high, and I ended up with the best grades in class.
Sarah Glove
lko
I've always received low grades in my class for many years. I could ignore it before, but taking a risk in my final year would have been careless. My friends always spoke highly of Assignmenthelp.us, so I decided to give it a try. I was surprised at how low the prices were. My grades improved a lot, so I highly recommend everyone to try them out.
George Brian
If you're looking for a service that can provide you great assignments, Assignmenthelp.us is the best option there is. The writer was the most professional out of all the services I have hired till now. Any time I had a question, their customer care always replied to me in a few minutes. I'll surely come back to use their services again.
Samantha Rich
Thank you for Subscribe to us
Thank you for Subscribe us. You will receive a confirmation email shortly in your subscribe email address.
Have any Query? Contact with us
You will receive a confirmation email shortly in your subscribe email address.
You have already subscribed our newsletter.