Three-Tier Password Security Algorithm for Online Databases

Password security is a significant issue for any authenticating process, and different researchers in the past have proposed techniques such as hashing, salting, honeywords to make the process most secured. We provide a self-guaranteed secure program and its access methods to mitigate the risk of illegal attacks like DDoS. This method ensures the security of a program by giving method level security that bolsters the further implemented security measures. A step-up approach is implementing the access security measures that protect against SQL injection and script attacks. Lucubration of various papers suggests that most systems are compromised at the storage of login credentials. Our solution ensures the security of such measures by obscurity. By using multiple layers of additional security procedures before storing the data decreases the risk of break-in exponentially. Our attempt to securely store passwords includes salting the passwords, encrypting them, and finally hashing them so that no patterns are visible. This paper presents a new method that involves SQLi prevention, encrypting, salting and then hashing the password. The SALT is generated dynamically using two parameters, one of which is unique, and the Salt is not stored in the database.