Internship management system with passwordless authentication for university stakeholders

Abstract

Read online

Conventional account credentials that include a password are becoming obsolete due to their limitations and susceptibility to cyber threats. This demands using alternative authentication methods that eliminate the risks of breaches and phishing. This paper discusses the integration of passwordless authentication into an electronic document management system (EDMS). The authentication method used in the system utilizes a Time-Based One-Time Password (TOTP), which operates security keys in the form of one-time passwords (OTP) that are sent to the users via email, short message service (SMS), or mobile application. The TOTP algorithm is used in the system, allowing time value as a moving factor. The Rapid Application Development (RAD) model was used in the system development and ISO 25010 was used in the evaluation. The sample size of the respondents for the acceptance testing was determined using Krejcie and Morgan’s formula. The research sample involves 10 information technology experts, one on-the-job training (OJT) coordinator, three OJT advisers, and 244 OJT students. Based on the results, the system was rated outstanding (system evaluation=4.66; acceptance evaluation=4.34), implying that the system met its requirements and that passwordless authentication was proven to increase the security of the developed system. This outcome serves as the basis for integrating passwordless authentication into various systems.

Keywords

• passwordless authentication
• one-time password (otp)
• time-based one-time password (totp)
• possession factor
• rapid application development (rad)