Security Assurance by Efficient Password Based Authentication

At present, identity theft is one of the most prevalent security threats. Authentication is an inevitable process of verifying an individual's identity, who wants to access the resources of a system. Though, machine authentication (machinemachine authentication) is to protect the machine through several secure protocols like Secure Socket Layer (SSL) but it cannot stop all the illegal accesses. In order, user authentications come to rescue, and consequently we witness stringent policies to avoid identity theft. Every framework has different authentication arrangements to include different authentication techniques. The ultimate objective of authentication is to increase the security level of authorized users and to eliminate the unauthorized accesses, whatsoever authentication technique is employed. The classification of authentication techniques is based on three zones: Knowledge Based Authentication (KBA), Object Based Authentication (OBA), and Characteristics Based Authentication (CBA). KBA includes user-id and password, passphrase, challenge questions, zero knowledge-based protocols, challenge response protocols etc. OBA is described by the physical belonging or utilization of any hardware device used to verify the user for example smart cards, identity cards etc. It is employed generally in banking, transport, parking and hotels (Levy & Ramim 2009). The trouble of misplacing the device and allowing unauthorized access can be explained by embedding other factors into it. CBA or Biometrics is characterized by unique property a user possesses, including fingerprint, audio or voice recognition, signature recognition and face recognition. Kaur and Mustafa (2016) also discussed various authentication mechanism and authentication methods. Their respective strengths and weaknesses are briefly listed in Table 1a. Despite security problems, password authentication has been having increasing influence on the internet for the last five decades. Several researchers have worked for strengthening password based authentication, primarily to enhance effectiveness. However, a comprehensive literature review revealed a little attempt on improving the efficiency aspect of password based authentication- including changing the time 2 computations, increasing the security considerations etc. More work needs to be done for determining the distinction with, which users act to specific authentication techniques in reference with authentication practices, that may enable attacks on the system. Consequently, the circumstances and prevailing context are pressing hard the need for effective and efficient authentication means.