Provide Security in Social Networking Sites using Honeyword based Approach

From the recent survey, it has proven that the passwords are not secured from the cyber attackers. Using only hash password is not enough to keep cyber attackers from password file cracking. And so, there is a need for more secure and reliable approach which is honeyword i.e. fake passwords which are used to deal with different cyber-attacks and to prevent password file disclosure. If an attacker steals the hashed password file, then it becomes very easier for an attacker to login into the account through authenticated way. We need to understand that once a password file is stolen then there is no mechanism that can detect the attacker from hacking the account. And to do so attacker may use variety of attacks to recover the hashed password file, some of them are brute force attack, rainbow table attack, dictionary attack etc. An auxiliary service which is known as honey checker is a secure server that stores only the index of the real passwords along with the index of honeywords for each of the user whenever there is a use of honeyword is detected it immediately triggers the alarm and notify the administrator. In this research paper, we will discuss one of the honeyword generation method hybrid model which is combination of chaffing with tweaking and password model and suggest some improvement from the previous methods along with improved security and easy implementation, we will also address the drawbacks of previous approach and overcome almost every drawback.