Abstract
Nowadays passwords are really an influential tool to keep all data and information digitally safe and secure. Text password are most popular compared with other formats of passwords, since information that resides in text passwords are more simple and convenient. However, text passwords are more prone to be stolen and are not always strong enough and come across different vulnerabilities. If the person creates a weak password or a password that is reused in many other sites, the intruders can easily get it. If the password is stolen ,it can be used for all the websites and this is what is called the Domino Effect. One of the risky environment is when a person enters his/her password in a computer that is not trust-worthy the password is prone to attacks like malware, phishing and key loggers etc. In this paper, a user authentication protocol is designed, which leverages a user’s cell phone and short message service to thwart password stealing attacks .The protocols requires a unique phone number that will be possessed by each participating website. A telecommunication service provider is involved in the registration and the recovery phases. The main concept of the paper is reducing the password reuse attack and password reuse attacks. The one time password technology reduces the password validity time. The good performance had improved the security.