Asif Khan

Work place: Department of Computer Science, Virtual University of Pakistan

E-mail: khn4524@gmail.com

Website:

Research Interests: Information Security, Network Security, Information-Theoretic Security

Biography

Mr. Asif Khan is currently enrolled at VU Pakistan. His qualifications are as mentioned. ADP.(Computer Science.), M.Sc(Electronics), Diploma.( Information Technology.). He has 5 years of teaching experience and his areas of interest include Cybersecurity, Ethical Hacking, Electronics (Hardware Based Programming).

Author Articles
Pattern-based and Time-Synchronised Passwords

By Mian Saeed Akbar Asif Khan Sara

DOI: https://doi.org/10.5815/ijwmt.2021.04.02, Pub. Date: 8 Aug. 2021

World has been changed; every person is using a number of software, websites, and other systems that are using text-based passwords as a method of authentication.  These passwords need to be strong, hard to guess, and need to be stored in a secure environment. Major problems with passwords are caused by human limitations to remember passwords for different accounts. A trade-off between password security and human-memorability made it difficult to create passwords that are strong enough and easy to remember. No satisfactory solutions have been offered to problems associated with a password such as shoulder surfing, eavesdropping, keylogging programs, Trojan horse, brute force attacks, etc. This study suggests a new easy to use approach for creating a password that is easy to remember even for a large number of accounts. Here in this paper, we proposed two methods one is pattern-based passwords, a simple method that is solving the problem of memorability, another is the idea of Time-Synchronized Passwords (TSP), a novel method for creating passwords that are dynamic in nature and change with the passage of time. The novality of TSP is that instead of storing the passwords in database the patterns are stored, and these patterns are related linked with time. The significance of storing pattern instead of actual password is that at a specific time, the password will have only one instance known to the creator of the password, and this particular instance will be different from instances at other times and thus avoids shoulder surfing, eavesdropping, keylogging, and other problems associated with passwords. These methods are easy to implement and can be used in any system.

[...] Read more.
Other Articles