Development of Hash-Based Multi-Factor Password Generating System

The use of passwords or passphrases is essential for every internet user. However, users often face a dilemma between choosing simple passwords that are easy to crack and complex passwords that are difficult to remember, leading to frequent and cumbersome password recovery processes. This paper focuses on addressing this issue by developing a multifactor, unique password-generating system using SHA-256. The system incorporates factors such as a Unique Identifier, a biometric key value, and an Android mobile phone with a Biometric scanner. To accomplish this, an algorithm is devised using JavaScript that concatenates and generates a hash value by applying the SHA-256 algorithm to the Unique Identifier and Biometric Key values. The software implementation is achieved using the JavaScript programming language, with support from predefined plugins. Once the application is created, passwords can be generated by inputting a user's fingerprint ID and an Identifier (e.g., “Facebook.com”), resulting in the generation of a 32-character unique password. This process can be applied to any identifier and can reproduce the same password when the same factors are supplied. The experimentation results demonstrate that the system is capable of generating unique passwords for different platforms and can reproduce the same password for each platform if needed. While the focus of this paper is on the development of a system for Android mobile phone operating systems, It is suggested that its functionality be expanded by developing a browser extension and versions for other operating systems to improve its usability and accessibility across multiple platforms.