Patil Shruthi et.al; International Journal of Advance Research, Ideas and Innovations in Technology © 2018, www.IJARIIT.com All Rights Reserved Page | 943 ISSN: 2454-132X Impact factor: 4.295 (Volume 4, Issue 3) Available online at: www.ijariit.com A brief survey on password authentication Shruthi Patil shruthipatil12@gmail.com Bangalore Institute of Technology, Bengaluru, Karnataka Mercy S mercy.isaac.abraham@gmail.com Bangalore Institute of Technology, Bengaluru, Karnataka Nagaraja Ramaiah profrnagaraja@gmail.com Bangalore Institute of Technology, Bengaluru, Karnataka ABSTRACT Secret key based authentication has been utilized widely as one of authentication methods. Utilizing passwords for client confirmation is as yet the most regular strategy for some, web administrations and assaults on the password databases represent a serious risk. Web advances are increasing to an ever-increasing extent distinction step by step however the constant survival and replication of password verification plans produce challenges for end clients. The current cybercrimes development is a difficult issue, a huge number of individuals turn into the casualty of cybercrime and most of them can't be avoided effectively just by solid passwords. The assaults incorporate key logging, savage constraining, speculating assaults, replay assault. Keywords: Authentication, Solid password, Security, Key management, Secret key. 1. INTRODUCTION In the advanced world, we always utilize online administrations in our day to day life. As an outcome, we give data to the comparing specialist co-ops, e. g., monetary administrations, email suppliers or informal communities. To avert manhandle like wholesale fraud, we experience to get to control instruments at each progression we make. While it is one of the more established instruments, secret key verification is as yet a standout amongst the most much of the time utilized validation strategies on the web even with the rising progressed login-methodology, e. g., two-factor or single sign-on verifications. With the Internet development, a scope of electronic exchanges shows up, as far as, web-based keeping the money, online cash exchanges what's more, web-based exchanging. These days, they introduce an essential piece of our lives. By and by, a large portion of them have worked over not completely secure correspondence channels. Such uncertain channels might be assaulted by gatecrashers and other ill- conceived clients, which prompt reveal the real clients' mystery certifications. To go around these weaknesses, verification is locked in by a framework to judge the clients truly. It is the establishment of data security as a frail verification system will prompt the security dangers. Password confirmation is broadly utilized due to its straight forwardness and affordability. Fig 1: Login System There are two sorts of passwords: Static passwords: A static secret word is a kind of password which is set by the client as its confirmation secret key to a server and the password does not change unless the client demands a change. Static passwords are frequently powerless and are inclined to different assaults, for example, parcel sniffing assault, replay assault, key-logging, phishing and social designing and so forth in which the assailant can imitate the client in uncovering its login data. The static passwords utilize a cryptographic hash to make the verification more secure however these hashes are of no