Technical Field
The embodiments herein are generally related to security mechanism for accessing computer applications. The embodiments herein are particularly related to a password management system and method. The embodiments herein are more particularly related to a system and method for a password recovery management using fuzzy logic.
Description of the Related Art
A typical computer application is accessed by entering a unique username and a password. The passwords are often regarded as a secret. The typical password is any one of a string, digits, special characters, or a combination of string, digits, and special characters. The password is used for authenticating and granting access to one or more protected applications, files, protocols, etc.,
When a user is unable to reproduce the password for accessing the application, a password recovery procedure is prompted to the user. The password recovery procedure is prompted in one or more ways. The typical password recovery procedure is to authenticate the user through one or more security questions before allowing the user to reset the password. The user responds to one or more and security questions. Generally, the security questions are presented to the user when the user account is created/registered, and the user is asked to provide the answers. Examples of these questions include the user's first car, where they went to high school, a city in which they completed graduation, etc. The password recovery is successful only on a correct entry of a response to the challenges. The recovery is unsuccessful even if there is a mismatch of a single character. There exists a situation where the user is unable to remember the exact response to the challenge that user has answered during an initial access to the application.
One of the conventional approaches for password recovery is to contact a system administrator for recovering the password and use the application. This method is not desirable as the user has to contact the system administrator even after entering the phonetically right response.
The other conventional approaches for password recovery using fuzzy logic are to develop an in-house matching algorithm and a database for matching the one or more entered phonetically similar passwords. This approach is undesirable as the database has to be updated each time a new phonetically similar word is found.
The other conventional approaches for a password recovery using fuzzy logic are based on Levenshtein algorithm. The Levenshtein algorithm is a string metric for measuring a difference between two sequences. However, this approach for password recovery is not desirable as the two different words are matched with entirely different words. For example, the words Rat and Cat, Height and Weight are matched.
Hence, there is a need for a method and system for matching a user-entered response and an actual response phonetically without any errors. Further, there is a need for a method and system that uses fuzzy logic for recovering the user-entered response and the actual response. Still further, there is a need for a system and method for recovering the user-entered response and the actual response on a real-time basis.
The above-mentioned shortcomings, disadvantages and problems are addressed herein and which will be understood by reading and studying the following specification.