An Algorithm for Securing User Credentials by Combining Encryption and Hashing Method


  • Awlad Hossain
  • Hasibur Rahaman
  • Arafat Jamil
  • Dr. M.A. Khan


Encryption, Hashing, Security SHA 256, User credential.


Internet browsers, run on electronic devices usually preserve sensitive information, for example, client identifications (passwords). In the present-day innovation, most of the internet browsers uses password logins as an initial validation to demonstrate a client's individuality. Passwords perform as the primary safeguard against provoker manipulation. However, some internet browsers usually preserve client passwords in the records as plaintext. The client’s saved password help the attackers to promptly get client accreditations and break it. This paper proposes a new algorithm for the security of user credentials using the encryption and the hashing method. Specifically, the motivation behind this technique is to confirm client identifications against data fraud. This approach ensures client accreditations utilizing a new algorithm that at the first stage keeps a password and then encrypt the password. After that, the respected encrypted data is hashed and sent to the internet browser server to store. This devised method is easy to develop and executed using the internet browser.


Chi-Kwong Chan and L.M. Cheng, “Cryptanalysis of a Timestamp-Based Password Authentication Scheme”, Computers & Security, Volume 21, Issue 1, pp. 74-76, 1st Quarter 2001.

W.C. Ku, HC Tsai and MJ Tsaur, “Stolen Verifier attack on an efficient smartcard-base one-time-password authentication scheme”, IEICE TRANSACTIONS on Communications, Vol.E87-B No.8 pp. 2374-237, 2004.

C.K. Koc, M. K. “A simple attack on recently introduced hash based strong password authentication scheme”, International Journal of Network Security, Vol.1, No.2, pp.77–80, 2005.

Katti, and K. M. “A hash based strong password authentication protocol with user anonymity”, International journal of Network Security, Vol.2, No.3, pp. 205–209, 2005.

W.C.Ku, H. C., “Two simple attacks on LSH's strong password authentication protocol”, ACM SIGPOS Operating Systems Review, Volume 37, Issue 4, pp. 26-31, October 2003.

IE Liao, CC Lee and MS Hwang, “A password authentication scheme over insecure networks”, Journal of computer and system science, pp. 727-740, 2006.

S. K. Sood, A. K. Sarje and K. Singh, "Cryptanalysis of password authentication schemes: Current status and key issues”, Proceeding of International Conference on Methods and Models in Computer Science (ICM2CS), Delhi, pp. 1-7, 2009.

X Zhuang, C. C., “A simple password authentication scheme based on geometric hashing function”, International Journal of Network Security, pp. 237-243, May, 2014.

M. H. Ali, E. S. Ismail and F. M. Hamzah, “A Practical and Secure Hash Function-Based Password Authentication Scheme”, Journal of Computer Science, pp. 954-960, July, 2019.




How to Cite

Hossain, A., Rahaman, H., Jamil, A., & Khan, D. M. A. (2020). An Algorithm for Securing User Credentials by Combining Encryption and Hashing Method. International Journal of Electrical Engineering and Applied Sciences (IJEEAS), 3(2). Retrieved from