Password Guessing Resistant Protocol for Securing System from Bots and Illegal Access
Ms. Arya Kumar, Prof. A.K.Gupta
ATTs, Dictionary Attacks, Online password guessing attack, Brute force attack.
Attacks on passwords are increasing day by day. Brute force attack and dictionary attacks are the well known attacks. Automated Turing Test (ATT) is effective approach to minimize such attacks and identify malicious logins. But sometimes it may create inconvenience to the authorized user as the user always has to cross or go through the ATTs. So to avoid such inconvenience, a new technique called Password Guessing Resistant Protocol (PGRP) is introduced. It overcomes the drawbacks of existing protocols. By using PGRP authorised users, who are logging from the known system doesn’t have to undergo ATTs. The users who attempt to login from unknown system will have to pass through ATTs after three failed login attempts. This could make the password guessing more difficult by the automated programs as well as illegal access can be restricted to a great extend. ATTs, security questions and verification codes are used to increase security.