DOI : https://doi.org/10.18517/ijaseit.10.2.11034

Authentication System and Method for Improving Security Login without Typing Password

Irfan Darmawan (1), Alam Rahmatulloh (2), Rianto Rianto (3), Ilman Hilmi Oriza (4)
(1) Department of Information System, Telkom University, Bandung, Indonesia
(2) Department of Informatics, Siliwangi University, Tasikmalaya, Indonesia
(3) Department of Informatics, Siliwangi University, Tasikmalaya, Indonesia
(4) Department of Informatics, Siliwangi University, Tasikmalaya, Indonesia
Fulltext View | Download
How to cite (IJASEIT) :
Darmawan, Irfan, et al. “Authentication System and Method for Improving Security Login Without Typing Password”. International Journal on Advanced Science, Engineering and Information Technology, vol. 10, no. 2, Apr. 2020, pp. 605-10, doi:10.18517/ijaseit.10.2.11034.
Citation Format :
Authentication in the login process is an important thing that needs attention. The login process will involve a password that is owned by the user, while the password is private and confidential. If someone uses a weak password, the password is likely to be easily hacked. Authentication security needs to be improved, and hackers will get access to the login system with only a few attack techniques such as SQL Injection or sniffing techniques. Besides, the lack of awareness of users by creating weak passwords is easy to guess. Meanwhile, to create a strong password, consisting of upper- and lower-case letters, a combination of numbers and symbols, it is very difficult to remember. This is a very important problem in the login process. This study discusses the login authentication process that can perform login integration without typing a password, because passwords are generated repeatedly with the One Time Password (OTP) method, and use the Quick Response Code (QR) as its support. To disguise the data in the QR Code, which is applied by the Rivest-Shamir-Adleman (RSA) encryption algorithm, and will be tested on a web-based application. The login integration process, using the QR Code token application that runs on an android phone. Which functions as an OTP token generator, and a web-based application will read information from the QR Code token. The result is that with login authentication, this can increase the security and ease of the authentication process without typing a password.

E. A. Dharmawan, E. Yudaningtyas and M. Sarosa, “Perlindungan Web pada Login Sistem Menggunakan Algoritma Rijndael,” EECCIS, pp. 77-84, 2013.

D. M. Khairina, “Analisis Keamanan Sistem Login,” Jurnal Informatika Mulawarman, vol. Vol. 6 No. 2, pp. 64-67, 2011.

R. S. Gusman, “Analisis dan Implementasi Two Factor Authentication dengan QRCode Pada Aplikasi Berbasis Web,” UT - Computer Science, pp. 1-22, 2013.

A. D. Tumuli, X. N. Najoan and A. M. Sambul, “Implementasi Teknologi Biometrical Identification untuk Login Hotspot,” E-Journal Teknik Informatika, Vols. Vol.12, No. 1, pp. 1-5, 2017.

J. Wei, W. Liu and X. Hu, “Secure and Efficient Smart Card Based Remote User Password Authentication Scheme,” International Journal of Network Security, Vols. Vol.18, No.4, pp. 782-791, 2016.

A. Rahmatulloh and R. Munir, “Pencegahan Ancaman Reverse Engineering Source Code PHP dengan Teknik Obfuscation Code pada Extension PHP,” in Konferensi Nasional Informatika, Bandung, 2015.

K. I. Santoso, E. Sediyono and S., “Studi Pengamanan Login Pada Sistem Informasi Akademik Menggunakan Otentifikasi One Time Password Berbasisis SMS dengan Hash MD5,” Sistem Informasi Bisnis, pp. 7-12, 2013.

I. G. N. A. Jayarana, A. A. K. A. Cahyawan and G. M. A. Sasmita, “Dynamic Mobile Token for Web Security using MD5 and One Time Password Method,” International Journal of Computer Applications, Vols. Volume 55-No 6, pp. 1-6, 2012.

A. Rahman and A. Rahmawati, “Sistem Pengamanan Keaslian Ijasah Menggunakan QR-Code dan Algoritma Base64,” JUSI Vol. 1, No. 2, pp. 105-112, 2011.

Z. Arifin, “Studi Kasus Penggunaan Algoritma RSA Sebagai Algoritma Kriptografi yang Aman,” Jurnal Informatika Mulawarman, pp. 7-14, 2009.

M. Arifin, A. Bejo and W. Najib, “Integrasi Login Tanpa Mengetik Password pada Wordpress,” JNTETI, Vol. 6, No. 2, pp. 162-167, 2017.

K. Adhatrao, A. Gaykar, R. Jha and V. Honrao, “A Secure Method For Signing In Using Quick Response Codes With Mobile Authentication,” International Journal of Student Research in Technology & Management, vol. Vol 1(1), pp. 1-11, 2013.

M. I. Zulfa and E. Subiyanta, “Pemanfaatan Spyware Untuk Monitoring Aktivitas Keyboard Dalam Jaringan Microsoft Windows,” Jurnal Emitor, vol. Vol. 15 No. 01., pp. 11-14, 2007.

Y. Kita, F. Sugai, M. Park and N. Okazaki, “Proposal and its Evaluation of a Shoulder-Surfing Attack Resistant Authentication Method: Secret Tap with Double Shift,” International Journal of Cyber-Security and Digital Forensics (IJCSDF), vol. 2(1), pp. 48-55, 2013.

M. Kumar, T. Garfinkel, D. Boneh and T. Winograd, “Reducing Shoulder-surfing by Using Gaze-based Password Entry,” pp. 1-7, 2007.

Z. Musliyana, T. Y. Arif and R. Munadi, “Peningkatan Sistem Keamanan Autentikasi Single Sign On (SSO) Menggunakan Algoritma AES dan One-Time Password Studi Kasus: SSO Universitas Ubudiyah Indonesia,” Jurnal Rekayasa Elektrika, vol. Vol.12 No.1, pp. 21-29, 2016.

M. F. Adriant and I. M., “Implementasi Wireshark Untuk Penyadapan (Sniffing) Paket Data Jaringan,” Seminar Nasional Cendekiawan, pp. 224-228, 2015.

ISO/IEC, Information Technology - Automatic Identification and Data Capture Techniques - Bar Code Symbology - QR Code, Swizerland: International Standard, 2000.

Authors who publish with this journal agree to the following terms:

    1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
    2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
    3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).