Abstract
Transactions through online applications using a user id and password have greater flexibility in business environment. This key/password life span in such applications is very short which means that they are easily breakable considering attacks like phishing, key logger and shoulder-surfing. Our proposed scheme enhances the key life in such systems by using virtual password mechanism by keeping the string part of the password string and a mathematical function value followed by it. This mathematical function varies for each login session and also we will reveal only a few positions of the virtual password but not the complete virtual password.