Security Basics mailing list archives
RE: Dynamic password authentication scheme
From: "Mutallip Ablimit" <mutax () insi co jp>
Date: Fri, 23 Jan 2004 12:14:32 +0900
Hi Amandeep,
Move the mouse pointer randomly within the perimeter of the workspace and
within a limited time period.
The program will store the coordinates of the mouse movement. After this,
the program will calculate a new
value by using an algorithm on the value of the coordinates.
It is a really interesting password generation algorithm. But, I couldn't quite catch your draft on DyPASS. Is there any extra dynamic things with DyPASS different from those token-based authentication systems out there? Thanks, Mutallip Ablimit ----------------------------- @INSI So, to get this done, you need a token. The relationship between the number entered by the user and the number generated by the system is necessary to authenticate the user. The time value will include:- date, month, year, hour and minute all in numeric form. The program will read the value entered by the user and compare it with its own value which will be generated by applying the same algorithm on the value the program has stored and the current system time. -----Original Message----- From: amandeep Singh [mailto:amandeep1 () hotpop com] Sent: Thursday, January 22, 2004 3:06 PM To: security-basics () securityfocus com Subject: Dynamic password authentication scheme Hi everyone, All of you must have experienced that the current password authentication schemes are not strong enough. Any one can crack the password by using keyloggers or sniffers. So, their is a need to develop a completely secure password authentication scheme which is not crackable. With relate to this....I'm here trying to develop a new password authentication scheme which is dynamic in nature. I have the concept ready with me but before implementing it I just want to get the recommendations on this from all of you so that I can make it more secure. Please visit the following link to have a look on the concept. http://www.angeltowns.com/members/infosecpark/dypas/ please post your recommendations or questions in the forum at the end of the page so as to make it more robust practically. Thanks Amandeep --------------------------------------------------------------------------- Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ----------------------------------------------------------------------------
Current thread:
- Dynamic password authentication scheme amandeep Singh (Jan 22)
- RE: Dynamic password authentication scheme Mutallip Ablimit (Jan 26)
- Re: Dynamic password authentication scheme Erich Buri (Jan 27)
- RE: Dynamic password authentication scheme David Gillett (Jan 28)
- Re: Dynamic password authentication scheme Sasha (Jan 30)