• Title/Abstract/Keywords: Account Lockout

A Study on IP Address and Threshold-based Account Lockout Prevention to Deal with Intentional Consecutive Authentication Failures

  • 정진호; 차영욱
    • Journal of Korea Multimedia Society (한국멀티미디어학회논문지), Vol. 25, No. 9, pp. 1284-1290, 2022
  • An attacker with a malicious purpose can intentionally type other users' accounts and passwords, causing them to be locked or revoked. Although NIST introduced methods to prevent this attack, all suggested methods are inappropriate to prevent an attacker from manually failing authentication, and reduce user availability. In this paper, in order to prevent user account lockout due to an attacker's intentional authentication failure, we propose a new authentication method using the IP address and the number of failed authentications. The proposed method not only blocks attackers who intentionally try to fail authentication, but also provides convenience to users because accounts are not locked or revoked. It can also safely protect passwords against password cracking attacks.