Main Article Content
A Secure Multifactor Authentication System using Keystroke with Password
Abstract
Multifactor authentication (MFA) uses two or more forms of authentication to permit computer users to access an application using the electronic authentication method after successfully providing two or more factors. Since hackers may quickly guess usernames and passwords using tools, the traditional log-in techniques (username and password) are not totally secure against intrusion. Furthermore, present security measures, such as two-factor authentication based on a one-time password sent through text or email, authentication utilizing biometrics or the usage of token devices, call for additional technology that is expensive for small and medium-sized businesses. This paper proposes using keystroke with password to authenticate users. It is based on the use of keystroke to dynamically verify users based on multifactor authentication scheme, in which a non-intrusive typing pattern approach is used to authenticate users and suggests a better way of handling mistakes that occur when users type during the authentication process. Using the proposed system, a bound of values was created using the fastest and slowest keystroke of the letters typed. Every user that accesses the system is given access as much as the keystroke time provided falls within the range of keystroke values defined for the user. Also, whenever the user typed backspace, instead of adding that character to the array of values, it automatically deletes the last character typed along with its keystroke data. Therefore, proposed approach defeats a wide range of security risks, including key loggers, screen capture attacks, and scapular surfing. The proposed system was tested and was proven to provide more security compared to other techniques used for authentication.