Vous êtes sur la page 1sur 4

A Secure and Practical Authentication Scheme Using Personal


Authentication plays an important role in securing online banking system, and many Banks and
various services have long relied on username / password combinations to verify users. Remember
usernames and passwords for many accounts will be heavy and inefficient task. Legacy
authentication methods failed again and again, you are not immune to a variety of attacks against
users, networks or Authentication server. Over the years, data breach reports have indicated that
attackers have created many advanced techniques to steal user credentials that can pose a serious

Traditional authentication schemes such as the username/password combo pose a serious threat to
the online banking services, financial systems, and their users. Most current authentication systems
assign or allow a user to choose a static and unique user id that acts as a label. This static label is
typically attached to the user for a long time. Unfortunately, users tend to use the same user id in
many different websites and systems. Furthermore, many users continue to employ the same
password across online accounts and systems. According to a recent study, 51% of the surveyed
users reuse the same password across different websites, and more than 77% of the participants
either slightly change or reuse existing passwords with simple tricks.


Memorizing usernames and passwords for a lot of accounts becomes a cumbersome and inefficient

It decreases the security of authentication


In Proposed System, An efficient and practical user authentication scheme using personal devices
that utilize different cryptographic primitives such as encryption, digital signature, and hashing.
The technique benefits from the widespread usage of ubiquitous computing and various intelligent
portable and wearable devices that can enable users to execute a secure authentication protocol.
Our proposed scheme does not require an authentication server to maintain static username and
password tables for identifying and verifying the legitimacy of the login users. It not only is secure
against password related attacks, but also can resist replay attacks, shoulder surfing attacks,
phishing attacks, and data breach incidents.


Secure against password related attacks.

It can resist replay attacks, shoulder surfing attacks, phishing attacks, and data breach incidents

H/W System Configuration:-

Processor - Pentium –III


Hard Disk - 20 GB

Key Board - Standard Windows Keyboard

Mouse - Two or Three Button Mouse

Monitor - SVGA

S/W System Configuration:-

Operating System : Windows95/98/2000/XP

Application Server : Tomcat5.0/6.X

Front End : Java.

Back End: SQL Server 2005