Securing the Website Login System with the SHA256 Generating Method and Time-based One-time Password (TOTP)
DOI:
https://doi.org/10.35706/sys.v2i2.3756Abstract
Security to enter a system has a very important role because as the main entrance to access data sources. But often lack the attention of the owners and managers of information systems. To reduce these weaknesses, one method that is widely used today is to use One-Time password, which is where the password we have becomes dynamic, meaning that at a certain time the password is always changing, the positive side is that it makes it difficult for others to steal our passwords because besides representative passwords that are difficult to understand and passwords are always changing. This study discusses One-Time Password installed on a mobile device where the password is randomized using a combination of two algorithms, namely SHA256 and Time-based One Time Password. The development of this login method can reduce the level of theft of passwords owned by users who are entitled to access information sources.
Downloads
References
Van,Acker et al.(2017) ‘Measuring login webpage security' Proceedings of the Symposium on Applied Computing. ISBN: 9781450344869. doi: 10.1145/3019612.3019798
Virgian, D. et al. (2016) ‘Pengamanan Sistem Menggunakan One Time Password Dengan Pembangkit Password Hash SHA-256 dan Pseudo Random Number Generator ( PRNG ) Linear Congruential Generator ( LCG ) di Perangkat B ... BIT VOL 13 No . 1 April 2016 ISSN : 1693-9166 Pengamanan Sistem Me’, BIT, 13(April 2017), pp. 64–73.
Lang, J. et al. (2017) ‘Security keys: Practical cryptographic second factors for the modern web’, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), pp. 422–440. doi: 10.1007/978-3-662-54970-4_25.
Hamdare, S., Nagpurkar, V. and Mittal, J. (2014) ‘Securing SMS Based One Time Password Technique from Man in the Middle Attack’, 11(3), pp. 154–158.
Juardi, D. (2017). KAJIAN VULNERABILITY KEAMANAN DATA DARI EKSPLOITASI HASH LENGTH EXTENSION ATTACK. incomtech, 6(1).
Thomas, C. G. and Jose, R. T. (2015) ‘A Comparative Study on Different Hashing Algorithms’, International Journal of Innovative Research in Computer and Communication Engineering, Vol. 3(Special Issue 7), pp. 170–175.
El-Booz, S. A., Attiya, G. and El-Fishawy, N. (2016) ‘A secure cloud storage system combining Time-based One Time Password and Automatic Blocker Protocol’, 2015 11th International Computer Engineering Conference: Today Information Society What’s Next?, ICENCO 2015. EURASIP Journal on Information Security, pp. 188–194. doi: 10.1109/ICENCO.2015.7416346.
Juardi, D. (2019). Presensi dan Reminder menggunakan QR Code (Studi Kasus: SMA XXX). Systematics, 1(1), 33-43.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2020 SYSTEMATICS
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).