World Wide Web hosts (e.g. Yahoo, Gmail, etc.) deploy the best known security mechanisms to protect user important data from hackers. A large number of user they access their own account.Security purpose hacker are hacked their account but important that how to protect their account from hacker.
Still the personal information is compromised. Security lapse is at the user data, i.e. user’s personal faults is responsible for the onslaughts. Accessing the web server is different. Every hacker attemptsadvance access to user’s system to steal data. So in this paper, enhanced Authentication schema to maintain secure data and try to protect for the hacker also maintain confidentiality of information is proposed.
The purpose of the framework is to save preshared phone number and MAC address from the device current timestamp(PMT),required to also generate TOTP(Time-base One Time Password) which in turn will generate an offline secret hash code by using offline Token generation mobile app. Security Token based runtime interaction could extends the strength or authentication control.
When generated hash code is entered the userrequest in the website is transferred to the server using TLS.
Keywords : OTP,TLS, Authentication, attack, IMEI.