Enhanced key life in online authentication systems using virtual password

Abstract

Transactions through online applications using a user id and password have greater flexibility in business environment. This key/password life span in such applications is very short which means that they are easily breakable considering attacks like phishing, key logger and shoulder-surfing. Our proposed scheme enhances the key life in such systems by using virtual password mechanism by keeping the string part of the password string and a mathematical function value followed by it. This mathematical function varies for each login session and also we will reveal only a few positions of the virtual password but not the complete virtual password. © 2011 IEEE.