TY - GEN
T1 - Vault-PMS
T2 - 20th IEEE International Wireless Communications and Mobile Computing Conference, IWCMC 2024
AU - Abdulkadir, Mohamad
AU - Alketbi, Saeed
AU - Lamaazi, Hanane
AU - Altamimi, Rashed
AU - Alblooshi, Saeed
AU - Lakas, Abderrahmane
N1 - Publisher Copyright:
© 2024 IEEE.
PY - 2024
Y1 - 2024
N2 - Increased online accounts and services require robust password management solutions and practices to maintain secure authentication. Deploying unique passwords for all accounts is impractical, as cracking that password leads to losing access to all the related accounts. Thus, managing complex and unique passwords for different accounts is the primary challenge for users. To address this challenge, a secure offline vault-based password management system (Vault-PMS) is proposed. The system leverages multiple security features: AES256 encryption, multi-factor authentication (MFA), and backup to enhance password security and resilience. The system 1) deploys the MFA security control, requiring users to enter a master password and a one-time password (OTP) sent to their emails, 2) relies on password encryption and an offline backup feature that allows the storage of encrypted passwords locally on the user's device or externally on hard drives. The proposed system aims to mitigate risks associated with online storage, specifically cloud storage, and ensure data restoration in case of device damage or loss. The proposed password management system has been implemented using Java and evaluated in terms of security and execution time. The results demonstrate that the system offers a secure, reliable, and efficient solution for password management, effectively addressing the challenges associated with maintaining secure authentication practices for multiple online accounts.
AB - Increased online accounts and services require robust password management solutions and practices to maintain secure authentication. Deploying unique passwords for all accounts is impractical, as cracking that password leads to losing access to all the related accounts. Thus, managing complex and unique passwords for different accounts is the primary challenge for users. To address this challenge, a secure offline vault-based password management system (Vault-PMS) is proposed. The system leverages multiple security features: AES256 encryption, multi-factor authentication (MFA), and backup to enhance password security and resilience. The system 1) deploys the MFA security control, requiring users to enter a master password and a one-time password (OTP) sent to their emails, 2) relies on password encryption and an offline backup feature that allows the storage of encrypted passwords locally on the user's device or externally on hard drives. The proposed system aims to mitigate risks associated with online storage, specifically cloud storage, and ensure data restoration in case of device damage or loss. The proposed password management system has been implemented using Java and evaluated in terms of security and execution time. The results demonstrate that the system offers a secure, reliable, and efficient solution for password management, effectively addressing the challenges associated with maintaining secure authentication practices for multiple online accounts.
KW - AES256 encryption
KW - and backup
KW - decryption
KW - multi-factor authentication
KW - one-time password
UR - http://www.scopus.com/inward/record.url?scp=85199975308&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85199975308&partnerID=8YFLogxK
U2 - 10.1109/IWCMC61514.2024.10592442
DO - 10.1109/IWCMC61514.2024.10592442
M3 - Conference contribution
AN - SCOPUS:85199975308
T3 - 20th International Wireless Communications and Mobile Computing Conference, IWCMC 2024
SP - 1510
EP - 1515
BT - 20th International Wireless Communications and Mobile Computing Conference, IWCMC 2024
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 27 May 2024 through 31 May 2024
ER -