CFP last date
20 June 2024
Call for Paper
July Edition
IJCA solicits high quality original research papers for the upcoming July edition of the journal. The last date of research paper submission is 20 June 2024

Submit your paper
Know more
Reseach Article

A Comparative Analysis of Various Multistep Login Authentication Mechanisms

by Navpreet Kaur, Mandeep Devgan
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 127 - Number 9
Year of Publication: 2015
Authors: Navpreet Kaur, Mandeep Devgan
10.5120/ijca2015906472

Navpreet Kaur, Mandeep Devgan . A Comparative Analysis of Various Multistep Login Authentication Mechanisms. International Journal of Computer Applications. 127, 9 ( October 2015), 20-26. DOI=10.5120/ijca2015906472

@article{ 10.5120/ijca2015906472,
author = { Navpreet Kaur, Mandeep Devgan },
title = { A Comparative Analysis of Various Multistep Login Authentication Mechanisms },
journal = { International Journal of Computer Applications },
issue_date = { October 2015 },
volume = { 127 },
number = { 9 },
month = { October },
year = { 2015 },
issn = { 0975-8887 },
pages = { 20-26 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume127/number9/22758-2015906472/ },
doi = { 10.5120/ijca2015906472 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T23:19:27.719271+05:30
%A Navpreet Kaur
%A Mandeep Devgan
%T A Comparative Analysis of Various Multistep Login Authentication Mechanisms
%J International Journal of Computer Applications
%@ 0975-8887
%V 127
%N 9
%P 20-26
%D 2015
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Due to advancements and improvements in internet and communication systems, more people are relying on internet to store their confidential information. Earlier the idea of Static passwords was being used but most of the users try to use easily guessable, weak passwords or keywords from their personal information, which makes it easy for the intruders to guess their passwords in few combinations using Brute Force attack. Thus idea of using Multi-Factor Authentication has been introduced in the world of internet to harden the security of network and make it difficult for the attackers to crack systems. In this mechanism, users are required to provide some extra information along with their login Id and password. Most popular is using One-Time Passwords that are generated randomly and valid only for single login and even for short duration of time (usually 30 to 60 seconds). One-Time Passwords can be generated either online or offline via various mechanisms. In this paper, review of various Multi-step Authentication schemes has been performed to compare various authentication mechanisms.

References
  1. Singh, S., The Code Book: The Secret History of Codes and Code-breaking. Fourth Estate, 1999.
  2. Uymatiao, Mariano Luis T., and William Emmanuel S. Yu. “Time-based OTP Authentication via Secure Tunnel(TOAST): A mobile TOTP scheme using TLS seed exchange and encrypted offline keystroke.” 4thIEEE International Conference on Information Science and Technology(ICIST), 2014,Pp. 225-229,IEEE,2014.
  3. Muliner, C., Borgaonkar, R., Stewin, P.,Seifert, J., “SMS-based One-Time Passwords: Attacks and Defense”, volume 7967,Pp. 150-159 Springer-Verlag Berlin Heidelberg 2013.
  4. Appelman, M., Scheelen, Y., “Analysis of Google’s 2-step Authentication”,University of Amsterdam, May 2012, www.scribd.com/doc/95267199/Analysis-of-Google-s-2-StepVerification#scribd
  5. Subashini, K., and Sumithra, G., “Secure multimodal mobile authentication using one time password.” 2nd International Conference on Current Trends in Engineering and Technology (ICCTET), 2014, pp. 151-155. IEEE, 2014.
  6. Takasuke Tsuji, Akihiro Shimizu, “A One-Time Password Authentication Method”, January 2003, www.kochi-tech.ac.jp/library/ron/2002/g5/M/1055124.pdf
  7. Wikipedia-RSA SecurID, http://en.wikipedia.org/ wiki/ RSA_SecurID, 2015.
  8. Parmar,H., Nainan, N.,Thaseen, S.,“Generation of Secure One time passwords based on Image Authentication System”, Pp. 195-206, 2012.© CS & IT-CSCP 2012.
  9. Kalaikavitha, E.,Gnanaselvi, J., “Secure Login using Encrypted One Time Password(OTP) and Mobile based Login Methodology”, International Journal of Engineering and Science, Vol. 2, Pp. 14-17, Issue 10(2013).
  10. Emiliano De Cristofaro, Honglu Du, Julien Freudiger, Greg Norcie, “A Comparative Usability Study of Two-Factor Authentication”, Cornell University Library, 31 January 2014.
  11. Munjal N., Moona R., “Secure and Cost effective Transaction Model for Financial Services”, International Conference on Ultra Modern Telecommunications and Workshops, 2009, Pp. 1-6, IEEE, ICUMT’09.
  12. Mohammed M.M., Elsadig M., “A multi-layer of multi factors authentication model for online banking services”, International Conference on Computer, Electrical and Electronics Engineering (ICCEEE), Pp 220-224, August 2013.
  13. Hojin Seo, Huy Kang Kim, “User Input Pattern-based Authentication Method to Prevent Mobile e-Financial Incidents”, Ninth IEEE International Symposium on Parallel and Distributed Processing with Applications Workshops (ISPAW), Pp 382-387, May 2011.
Index Terms

Computer Science
Information Sciences

Keywords

Multi-factor Authentication One-Time Passwords (OTP) Static Passwords Short Message Service (SMS) Time-based One Time Passwords (TOTP) and Image-based Authentication.