A Framework for experience based user authentication technique for minimizing risk of brute-force attacks

Amirul I. Mohamad, Mohamad A. Mohamed, Mokhairi Makhtar, Mustafa Mamat, Norziana Jamil, Marina Md Din

Research output: Contribution to journalArticle

1 Citation (Scopus)


Authentication is the process of verifying somebody or something about who he claim he is. The current methods have some drawbacks, which is high cost for special tools, high maintenances, low reliability, lost or broken by user’s poor handling and needs for special expertise in operating the system. In addition, brute force attack has been used against the authentication system by using special software readily available. To address this issue, we proposed an experience-based authentication system, which makes use of user experience as a password during the verification process. In this study, we choose a list of mountains climbed by a user in combination with the year of visit as a password. The system consists of two parts, sign up and sign in. User registration is done during the sign up, whereas user authentication is carried out during the sign in process. Given the number of mountains around the world that is nearly a million in total, and by allowing user to have any combination of mountain, the risk of brute force attack can be minimize significantly. The ability of this system that can withstand such an attack from the outside could increase the current standard security level.

Original languageEnglish
Pages (from-to)660-664
Number of pages5
JournalInternational Journal of Recent Technology and Engineering
Issue number5
Publication statusPublished - Feb 2019


All Science Journal Classification (ASJC) codes

  • Engineering(all)
  • Management of Technology and Innovation

Cite this