Description

Abstract:

Most of the websites authenticates the users using the text passwords. In the Text password

authentication . Firstly, users often select weak passwords and reuse the same passwords across

different websites. Routinely reusing passwords causes a domino effect; when an adversary

compromises one password, she will exploit it to gain access to more websites. Second, typing

passwords into untrusted computers suffers password thief threat. An adversary can launch several

password stealing attacks to snatch passwords, such as phishing, keyloggers and malware. In this

paper, we design a user authentication protocol named oPass which leverages a user’s cellphone

and short message service to thwart password stealing and password reuse attacks.