A Model to Restrict Online Password Guessing Attacks

Aqib Malik, Sanjay Jamwal
unpublished
Passwords are a critical part of information and network security. Password serves as a basic mean of authentication to protect user accounts but a poorly chosen password, if compromised, could put the whole network at risk. Password are one of the most common reason for the security breakups. Online guessing attacks (brute force attack and dictionary attack) on password protected remote login services increasing rapidly. Providing legitimate user's login conveniently while preventing such type
more » ... of attacks is difficult. Automated Turing test (ATT) are effective and are very easy to implement but cause reasonable amount of inconvenience to the legitimate user. Here in this paper we have proposed a model which limits the number of login attempts from unknown source IP address as low as three attempts and the user can make five failed login from the known and frequently used machine.
fatcat:dwhokd7535exznff5cpoavuoom