Abstract
Authentication is a method for securing an account by verifying the user identity by inputting email with a password. Two factor authentications is an authentication system that combines the first-factor authentication with the second factor. General two factor authentication by entering an email or username with a password are similar. However, two factor authentication requires additional information that must be inputted by the user. Additional information can be in the form of tokens or one-time passwords (OTP). Two factor authentications generally still uses third-party services to generate token or OTP still have vulnerable because can attacked from tokens steal through MITM and found that the generated tokens with the same value. Therefore, we propose a two-factor authentication framework based on ethereum blockchain with dApp as token generation system. Firstly, outcome from the analysis of the system, next succeeded in creating a two-factor authentication system without using third-parties. Second, token system generate up to 3164 different tokens in one second and has been collisions tested. Third, security method to protect token from MITM attack. The attacker unable to get access caused all the checking are done by dApp user authentication.
Highlights
Authentication is usually a combination of email and password enable access to the account
Authentication usually encounter in web applications is one-factor authentication or password-based authentication refers to the category something that you know [1, 2, 3, 4]
We propose a two factor authentication system without third-party on a web application using blockchain
Summary
Authentication is usually a combination of email and password enable access to the account. Web application are platforms that uses authentication system to check an account is really accessed by own user. Authentication usually encounter in web applications is one-factor authentication or password-based authentication refers to the category something that you know [1, 2, 3, 4]. Password-based authentication has weaknesses, that are easy to brute force attacks, so the users data are vulnerable of being stolen [5, 6]. Users usually use the same password on many platforms to make it easier to remember [4, 7]. Password-based authentication cannot accommodate the security and confidentiality of account data [8, 9, 10]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: Register: Jurnal Ilmiah Teknologi Sistem Informasi
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
