Steganography-based Password Management: A conceptual Model

The problem of password management is one of the oldest and most problematic issues in the context of computing security and personal digital information. Despite the fact that many researched have been carried out on this problem, most solutions have remained focused on the server side assuming a trusted infrastructure that will enforce a proper management scheme for the user passwords and that exists outside of the user’s domain. On the other hand, user or client-side password management has remained at the level of recommendations to users providing some general guidelines to what constitutes good management of a user’s set of passwords. In this paper, we propose a novel approach by focusing on the design of a system for the management of a user’s passwords that runs within the domain of the user.The new system utilizes information hiding by means of steganography techniques in order to create seamless management of user passwords. To the best of our knowledge this would be the first attempt of using stego-image as a token for two-factor authentication in the literature, which needs no extra cost of hardware, easy to use and implement.