Web based Security with LOPass User Authentication Protocol in Mobile Application

Today, the internet has became most convenient and widely used media for people exchanging information and doing business over the internet such as accessing web based emails, online auctions or banking sites. But nowadays, accessing the internet is faced with many challenges. One of the most important challenges is to ensure security with vital role to provide security in websites. The text passwords are convenient and simplest form for a user authentication on websites and this level is more prone to security attacks. User mostly uses theses weak passwords and it is often used across several websites. The reuse of the same password in untrusted websites causes password threats. Hackers invoke password stealing methods to grab password such as phishing, malware and keyloggers. Hereby we propose the user authentication protocol named LOPass which creates long term password and one time password for authenticating the user. It has three phases as registration, login and recovery phase. In LOPass, random password is generated for each login. Registration is used for the registration of the user. Recovery phase is used, if the user's mobile phone gets lost. The user needs to remember only his long term password which is secret.