Implementing Facial Recognition to Safeguard against Password Attacks at Universities

Abstract

In order to secure information technology (IT) systems, authentication is a key tool that is employed to assist in mitigating the problem of password hacking into IT systems. A number of password-based authentication methods have been implemented in industry over the years to minimize password hacking incidents. Among the methods proposed is two-factor authentication. Two-factor authentication combines two single-factor authentication methods to provide enhanced security using two distinct forms of identification for user login credentials for IT applications, websites, databases among others. In large establishments such as universities' whose IT systems hold vital and sensitive information, the two-factor authentication is a crucial measure to be implemented in order to prevent information from being leaked or hacked. Two-factor authentication has been widely adopted and continues to evolve with the development of more sophisticated methods. This research studies and analyses existing two-factor authentication methods for the purpose of determining their limitations and towards the development of more efficient two-factor authentication methods. Furthermore, the research investigates the implementation of the Local Binary Pattern Histogram (LBPH) algorithm and the Haar cascades classifier to implement facial recognition as a second authentication factor for ensuring improved security of IT systems. In an attempt to provide an improved security system, a web application which employs two-factor authentication for enhancing the current security system is developed in order to protect sensitive information that is held by the universities Intelligent Transportation System (ITS). The application employs both a traditional password login method and a facial recognition frame to authenticate users. This application provides the combination of a normal single factor authentication method and a second factor authentication method which is simple to use and does not require additional effort (i.e., having to type in another password) from the user of the application.