• Arvind Kumar Pandey

User authentication methods have reached a stalemate. The most common technique, the password, has a number of flaws, including the risk of accidental disclosure through phishing and cross-site password reuse. Second-factor authentication methods have the potential to improve security, but they are difficult to use and implement. Conventional second-factor methods, for example, alter the user authentication experience. Furthermore, although second-factor methods are more secure than passwords, they still fall short of providing adequate protection against (single-use) phishing assaults. We introduce PhoneAuth, a system that aims to give security guarantees on par with or better than standard two factor authentication systems while maintaining the same user experience as traditional passwords alone. The following important insights are used in our work. For starters, a user's personal device (such as a phone) may connect directly with the user's computer (and therefore the distant web server) without the need for the user to intervene. Second, a tiered approach to security may be implemented, with a web server, enacting various rules based on whether or not the users own device is present. Our server-side, Chromium web browser, and Android phone implementations of PhoneAuth are described and evaluated.

Authentication, Cryptography, Login, Password, Phishing.

"Strengthening User Authentication through Opportunistic Cryptographic Identity Assertions ", International Journal of Emerging Technologies and Innovative Research (www.jetir.org), ISSN:2349-5162, Vol.5, Issue 10, page no.269-273, October-2018, Available :http://www.jetir.org/papers/JETIRFR06052.pdf

"Strengthening User Authentication through Opportunistic Cryptographic Identity Assertions ", International Journal of Emerging Technologies and Innovative Research (www.jetir.org | UGC and issn Approved), ISSN:2349-5162, Vol.5, Issue 10, page no. pp269-273, October-2018, Available at : http://www.jetir.org/papers/JETIRFR06052.pdf