REMOTE PASSWORD SECURITY.

The password entering feature is provided through remote access. The remote password security access is provided with the use of an android application that is to be run on any android operated device. The app provides an interactive GUI for this system.

The system is operated using an 8051 microcontroller. An EEPROM is used to store user passwords.The password entered through the android device is received through Bluetooth receiver and then passed on to 8051  microcontroller; which then processes it and then checks its validity by comparing it against the user stored password. Our system uses a door that would be unlocked on entering the right password.

WHAT IS SECURE REMOTE PASSWORD (SRP)

“Password” this crazy piece of string worth a lot, get a lot of attention but yet very hard to process & hide. Even with the multi-factor approach, it is crucial to design the first step right.
It becomes increasingly harder for the software systems to securely authenticate their users, process the sensitive password in a right & secure way. One of the most common approaches is.

PASSWORD HASHING;-
Storing the hashed version of the password using algorithms like Argon2, decrypt, etc and use it for authenticating the users. By now, this is the minimum baseline for handling sensitive secrets like password, anything below this (like as plain-text or encoded) means you are probably doing the bad thing, stop it, go back to safety!.
Hashed passwords offer a good trade-off between simplicity and security but for a piece of highly sensitive information or system it has its own drawbacks.

1. It needed a trusted server to securely process & store the hashed passwords (which promises not to log passwords)
2.  An attacker with a large password dictionary & a breached database can determine the user’s password
3. An attacker can eavesdrop (MITM attack) communication between client and server and can acquire the password.

HOW DOES IT WORK

SRP contains many layers and mathematical derivations. But in simple terms, it consists of three steps registration, authentication, and verification. Let’s see how it works.
REGISTRATION;-

1. It generates a random salt.
2. The client passes the username, password, and salt to a mathematical function (KDF) to derive.
3. Then it generates something called verifier, using the derived x and an SRP group (more on this later).

Then it sends the verifier, salt, and the SRP group along with the username to the server and the server will store the verifier and salt for the user.
AUTHENTICATION;-
This is the interesting & confusing part, in order to prove that the user knows their password, the client & server exchange non-sensitive information to generates a key independently and use it for verification.

VERIFICATION;-
1-The client encrypts a message using the session encryption key and sends it to the server.
2-The server decrypts the message and verifies it, if not verified, fails the authentication process.
3-If verified successfully, the server encrypts a message using its session encryption key and sends its back to the client.
4-The client decrypts the message and verifies it.

REMOTE PASSWORD SECURITY MANAGEMENT

Password Management. Remote Desktop Manager uses its powerful capabilities to store and manage all passwords, credentials and privileged accounts in a safe and secure password vault, providing incomparable control and visibility over your IT environment.

WHAT ARE THE USES OF PASSWORD?
A password is a string of characters used to verify the identity of a user during the authentication process. Passwords are typically used in conjuncture with a username; they are designed to be known only to the user and allow that user to gain access to a device, application or website.

ADVANTAGES OF REMOTE PASSWORD

1. Simple to use
2. Simple to deploy—since the operating system provides the user accounts and password, almost no extra configuration is needed.
3. Genric Password use with SSH.

DISADVANTAGES OF REMOTE PASSWORD

1-Security is entirely based on confidentiality and the strength of the password.
2-It does not provide a strong identity check (only based on the password).

CONCLUSION;-
SRP protocol offers the right amount of flexibility, strong security, and user convenience. So we don’t have to reinvent the wheel and use SRP as the Strong password system, even a low entropy password that can be used securely.

IN CASE KIND OF PROJECTS

All of the above; If this article is not working for you. So you can contact with the subject of your specific project. And we will lead you, to get that kind of project as soon as possible. If in case you are feeling to buy a project for REMOTE PASSWORD SECURITY; simply contact us. And for your convenience; that we provide all BTech mechanical engineering final year projects.