Authentication System and Method for Improving Security Login without Typing Password

Abstract

Authentication in the login process is an important thing that needs attention. The login process will involve a password that is owned by the user, while the password is private and confidential. If someone uses a weak password, the password is likely to be easily hacked. Authentication security needs to be improved, and hackers will get access to the login system with only a few attack techniques such as SQL Injection or sniffing techniques. Besides, the lack of awareness of users by creating weak passwords is easy to guess. Meanwhile, to create a strong password, consisting of upper- and lower-case letters, a combination of numbers and symbols, it is very difficult to remember. This is a very important problem in the login process. This study discusses the login authentication process that can perform login integration without typing a password, because passwords are generated repeatedly with the One Time Password (OTP) method, and use the Quick Response Code (QR) as its support. To disguise the data in the QR Code, which is applied by the Rivest-Shamir-Adleman (RSA) encryption algorithm, and will be tested on a web-based application. The login integration process, using the QR Code token application that runs on an android phone. Which functions as an OTP token generator, and a web-based application will read information from the QR Code token. The result is that with login authentication, this can increase the security and ease of the authentication process without typing a password.