Securing the Website Login System with the SHA256 Generating Method and Time-based One-time Password (TOTP)

Authors

  • Iman Permana Universitas Budi Luhur
  • Mardi Hardjianto Universitas Budi Luhur
  • Kiki Ahmad Baihaqi Universitas Buana Perjuangan Karawang

DOI:

https://doi.org/10.35706/sys.v2i2.3756

Abstract

Security to enter a system has a very important role because as the main entrance to access data sources. But often lack the attention of the owners and managers of information systems. To reduce these weaknesses, one method that is widely used today is to use One-Time password, which is where the password we have becomes dynamic, meaning that at a certain time the password is always changing, the positive side is that it makes it difficult for others to steal our passwords because besides representative passwords that are difficult to understand and passwords are always changing. This study discusses One-Time Password installed on a mobile device where the password is randomized using a combination of two algorithms, namely SHA256 and Time-based One Time Password. The development of this login method can reduce the level of theft of passwords owned by users who are entitled to access information sources.

Downloads

Download data is not yet available.

References

Van,Acker et al.(2017) ‘Measuring login webpage security' Proceedings of the Symposium on Applied Computing. ISBN: 9781450344869. doi: 10.1145/3019612.3019798

Virgian, D. et al. (2016) ‘Pengamanan Sistem Menggunakan One Time Password Dengan Pembangkit Password Hash SHA-256 dan Pseudo Random Number Generator ( PRNG ) Linear Congruential Generator ( LCG ) di Perangkat B ... BIT VOL 13 No . 1 April 2016 ISSN : 1693-9166 Pengamanan Sistem Me’, BIT, 13(April 2017), pp. 64–73.

Lang, J. et al. (2017) ‘Security keys: Practical cryptographic second factors for the modern web’, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), pp. 422–440. doi: 10.1007/978-3-662-54970-4_25.

Hamdare, S., Nagpurkar, V. and Mittal, J. (2014) ‘Securing SMS Based One Time Password Technique from Man in the Middle Attack’, 11(3), pp. 154–158.

Juardi, D. (2017). KAJIAN VULNERABILITY KEAMANAN DATA DARI EKSPLOITASI HASH LENGTH EXTENSION ATTACK. incomtech, 6(1).

Thomas, C. G. and Jose, R. T. (2015) ‘A Comparative Study on Different Hashing Algorithms’, International Journal of Innovative Research in Computer and Communication Engineering, Vol. 3(Special Issue 7), pp. 170–175.

El-Booz, S. A., Attiya, G. and El-Fishawy, N. (2016) ‘A secure cloud storage system combining Time-based One Time Password and Automatic Blocker Protocol’, 2015 11th International Computer Engineering Conference: Today Information Society What’s Next?, ICENCO 2015. EURASIP Journal on Information Security, pp. 188–194. doi: 10.1109/ICENCO.2015.7416346.

Juardi, D. (2019). Presensi dan Reminder menggunakan QR Code (Studi Kasus: SMA XXX). Systematics, 1(1), 33-43.

Downloads

Published

2020-08-01

How to Cite

[1]
I. Permana, M. Hardjianto, and K. Ahmad Baihaqi, “Securing the Website Login System with the SHA256 Generating Method and Time-based One-time Password (TOTP)”, Systematics Journal, vol. 2, no. 2, pp. 65–71, Aug. 2020.

Issue

Section

Articles

Most read articles by the same author(s)