Introduction:
This is an innovative authentication scheme that lets the user enter a random password each time, based on a random session PIN that the user enters. The user first registers by choosing a single-digit number, which is used to calculate the key from the random session PIN. This registered digit must be remembered along with the login ID and password, and is referred to as the secret number. Since it is just a single digit, no significant memory overhead is involved. The scheme allows users to use a simple, easy-to-remember password along with the random session PIN. The random PIN can make the password easy or hard, as per the requirement of the user.
Working:
The random password scheme works in the same way as text-based login-password systems. The only difference is that it allows the use of simple passwords that are easy to remember, together with a secret number in the range of 1 to 4. The scheme provides two types of login:
- Easy Login: This allows the user to use the login and simple password without the random PIN, thus giving a fast login. This login is useful when the user feels they are in a safe and homely environment.
- Secure Login: This allows the user to use the login and simple password with the random PIN. Here the user has to recall the secret number to calculate the key from the random PIN. The password is then entered in an encrypted mode. The encryption is very simple: the user enters n dummy characters, where n is equal to the key.
Example:
Consider that the user has chosen the single-digit scheme, with 2 as the secret number. The secret number represents a position in the random PIN. The user may then enter any 4 digits as the random session PIN, and the digit at position 2 from the left will be used to secure/encrypt the actual password.
Easy Login:
For an easy and fast login, the user enters the login_id and password and leaves the random PIN field blank. The user will then be able to log in quickly. This easy login should be used only when the user feels safe; otherwise, secure login must be used.
Secure Login:
When the user is not feeling safe, this method must be used. It lets the user log in with a strong password that is created dynamically. Suppose the user has entered the random PIN as 5389. Since the user's secret number was 2, the key is the 2nd digit from the left, which gives the key value 3. Therefore the user needs to enter 3 dummy characters after each password character. So the user needs to enter the password as a(qw2)s(45$)d(@#*)f(as#), and in this manner the user's password length has increased from 4 (awdr@# $) to 16, forming a non-dictionary word with special characters. The system knows the scheme chosen by a registered user, so the actual password can be retrieved from the encrypted password and the user gets authenticated.
The beauty of this scheme is that next time, even if the rest of the parameters remain the same, the user may enter a different password, because the characters written within () are just don't-care characters and any character can be used in their place. Hence, even in the case of session recording, the intruder may not know the actual password. If the user also changes the random PIN (say 9342 instead of 5389), it further improves the security of the password: from the user's perspective nothing has changed, as 3 is still at the second location, but from the intruder's perspective a new number will significantly increase the complexity of password breaking/hacking. The intruders may not try to break the 16-character-long password, as it involves significant computing resources.
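The key derivation and dummy-character stripping described above, written out as an added example (not code from the original page). All function names and the dummy alphabet are assumptions, the parentheses in a(qw2)s(45$)d(@#*)f(as#) are treated as notation that marks the dummy characters rather than typed input, and the plaintext comparison stands in for whatever password check the site really uses.

```python
import hmac
import secrets
import string

# Assumed set of characters a user might type as dummies.
DUMMY_ALPHABET = string.ascii_letters + string.digits + "@#$*"

def derive_key(pin: str, secret_pos: int) -> int:
    """Key = digit at 1-based position secret_pos (from the left) of the PIN."""
    if len(pin) != 4 or not pin.isdigit():
        raise ValueError("session PIN must be exactly 4 digits")
    if not 1 <= secret_pos <= 4:
        raise ValueError("secret number must be in the range 1 to 4")
    # A PIN digit of 0 gives key 0: no dummies, same as an easy login.
    return int(pin[secret_pos - 1])

def pad_password(password: str, key: int) -> str:
    """What the user types: key random dummy characters after each real one."""
    out = []
    for ch in password:
        out.append(ch)
        out.extend(secrets.choice(DUMMY_ALPHABET) for _ in range(key))
    return "".join(out)

def strip_dummies(entered: str, key: int) -> str:
    """Server side: keep every (key + 1)-th character of the entry."""
    if len(entered) % (key + 1) != 0:
        raise ValueError("entry length is not a multiple of key + 1")
    return entered[:: key + 1]

def verify(entered: str, pin: str, secret_pos: int, stored: str) -> bool:
    """Blank PIN means easy login; otherwise decode as a secure login."""
    if pin == "":
        candidate = entered
    else:
        try:
            candidate = strip_dummies(entered, derive_key(pin, secret_pos))
        except ValueError:
            return False
    # Constant-time compare; stand-in for the site's real password check.
    return hmac.compare_digest(candidate.encode(), stored.encode())

if __name__ == "__main__":
    key = derive_key("5389", 2)
    typed = pad_password("asdf", key)  # different on every run
    print(key, typed, verify(typed, "5389", 2, "asdf"))
```

The decoder needs the session PIN submitted alongside the padded entry, and a PIN whose selected digit is 0 adds no dummy characters at all.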