A Steganography-based framework to prevent active attacks during user authentication

User authentication is a vital component in most systems that need to assure security of services and data. Majority of the applications so far depend on alphanumeric text based password schemes for authentication, however, user information management is not as secure in some systems. A weak authentication may also enable hackers to steal user information or bypass authentication. Increase of social engineering schemes and use of multiple accounts per user has also brought new problems in password authentication schemes. Social profiles of users available in the public domain has led to exposing personal data and has made privacy a major issue. Users tend to use personal data to create passwords and hence this implies that password based authentication has become more vulnerable. This paper proposes a new framework of authentication, called imgAuth which is an image steganography based authentication scheme and user profile management. imgAuth image can act as a universal authentication framework, which has a balance between security, integrity and availability. We show that our approach is practical, and resistant against popular attacks that we had planned to overcome in this project. Experimental prototype shows that we do much better than some existing schemes.