AN IMPROVED SECURE

REMOTE LOGIN PROTOCOL

WITH THREE-FACTOR
AUTHENTICATION
Submitted by
Xxx
Yyy
Guided by
zzz
 ABSTRA
CT
A protocol for secure remote login to server(s) is essential, because it not only protects secret information of the
users but also allows secure access to the authorized users. An improved three-factor authenticated remote login
protocols designed to address large scale online dictionary attacks. A new ne-grained two-factor authentication
(2FA) access control system for web-based computing services. Specically, in our proposed 2FA access control
system, an attribute-based access control mechanism is implemented with the necessity of both a user secret key
and a lightweight security device. As a user cannot access the system if they do not hold both, the mechanism can
enhance the security of the system, especially in those scenarios where many users share the same computer for
web-based services. In addition, attribute-based control in the system also enables the server to restrict the access
to those users with the same set of attributes while preserving user privacy, i.e., the server only knows that the
user fullls the required predicate, but has no idea on the exact identity of the user. Finally, we also carry out a
simulation to demonstrate the practicability of our proposed 2FA system.
 EXISTING SYSTEM
In the existing system there will be only the account locking system.

Account locking is a customary mechanism to prevent an adversary from

attempting multiple passwords for a particular username.

The adversary can mount a DoS attack by making enough failed login attempts

to lock a particular account.

Delaying server response after receiving user credentials, reasonable amount of

time for a particular username.

DISADVANTAGES OF EXISTING SYSTEM

Existing Attribute-Based Cryptosystem

Algorithm lacks security credentials

Not much efficient.

More difficult to identify the attacks.

Easy to hack the user account info.

Not much sufficient.

 PROPOSED SYSTEM

The proposed protocol should make brute-force and

dictionary attacks ineffective.

The protocol should not have any significant impact on

usability (user convenience).

Increasing the security of the protocol must have

minimal effect in decreasing the login usability.
 2FA Protocol fetches malicious users IP addresses, cookies, or

both by identifying machines and sent to the legitimate user who

have been successfully authenticated.

The Proposed 2FA method is more restrictive against brute force

and dictionary attacks while safely allowing a large number of

free failed attempts for legitimate users.

 ADVANTAGES OF PROPOSED
SYSTEM
The protocol should be easy to deploy and scalable, requiring minimum

computational resources in terms of memory, processing time, and disk

space.

2FA is more restrictive against brute force and dictionary attacks while

safely allowing a large number of free failed attempts for legitimate users.

2FA is apparently more effective in preventing password guessing attacks

(without answering ATT challenges), it also offers more convenient login

experience.
SYSTEM REQUIREMENTS
HARDWARE REQUIREMENTS

Hard disk : 80 GB

RAM : 512mb

Processor : Pentium IV

Monitor : 17 Color monitor

Key board, Mouse : Multi media.

 SOFTWARE REQUIREMENTS

Front End : VISUAL STUDIO.NET 2010

Code Behind : ASP.NET

Back End : SQL SERVER 2008

Operating System : Windows 7