Secure authentication procedures based on timed passwords, honeypots, honeywords and multi-factor techniques

Abstract

A time-based password generating technique has been adopted and applied to protect sensitive datasets as the first technique used in this thesis. It specifically mitigates attacks and threats by adding time as a part of the password, which is generated using the shift-key. This in turn raises the possible combinations for the password and enhances the system’s security. The Password Quality Indicator (PQI) was implemented to evaluate security improvement. Results showed that contemporary password techniques were up to 200% more secure than the traditional methods. The second method, ‘honeypot’, is based on web-session management. The authentication process is triggered if the web-session is initiated correctly when the first webpage is requested; legitimate users must perform the correct session through a precise links’ sequence to be compatible with the session management that has been saved in the server side. The honeypot will present a sequence of links to lure the attacker into performing the authentication procedure directly from the login box. When compared to conventional methods, it was found that using the new method has improved user security by 200%. Additionally, a multi-factor authentication approach was tested, where combination of the timing password and the honeypot techniques was used. The outcomes were calculated and the results demonstrated that the passwords’ strength was enhanced when using and increasing the number of links and the quantity of dwell time periods as a result of probabilities and complication. This approach yielded passwords that are 300% more secure than traditional methods would generate. Finally, a honeywords-generation method (decoy passwords) was also applied to detect attacks against the databases of hashed passwords. With an aim of achieving flatness, the original password for each user account was stored with many honeywords in order to confuse and mislead cyber-attackers. This technique relies on the abnormal generation method to achieve flatness among real password. A survey involving 820 participants was conducted to quantify how many users were able to recognise the real password among several honeywords. The results have shown that the new generation method was an improvement on traditional methods by 89.634% and attained sufficient flatness to confuse the attackers.