Abstract: Systems and methods for performing authentication may include encrypting, by a server computing system, a question based on a first password associated with a user and based on successful verification of user identification to generate an encrypted question; transmitting, by the server computing system, the encrypted question to a user computing system; receiving, by the server computing system, an encrypted response from the user computing system, the encrypted response associated with the encrypted question; decrypting, by the server computing system, the encrypted response based on the first password to generate a response; and establishing, by the server computing system, a login session with the user computing system based on successful verification of the response.

Abstract: Techniques are disclosed relating to preventing unauthorized access to private user information by improving cookie security. Cookie data may be subject to interception and replay attempts by malicious users. In disclosed techniques, a server computing system receives a request from a user device that includes encrypted cookie data and device identification information encrypted using a first key of a key pair generated by the server system. The server system may decrypt encrypted cookie data included with the request using a server encryption key. Based on decrypting the cookie data, the server system may retrieve previously-stored device identification information. The server system may decrypt device identification information received with the request using a second key of the key pair. The server system may compare the decryption result with the previously-stored device identification information and, based on the comparison, determine whether to use the cookie data for the request.

Abstract: Systems and methods for performing authentication may include encrypting, by a server computing system, a question based on a first password associated with a user and based on successful verification of user identification to generate an encrypted question; transmitting, by the server computing system, the encrypted question to a user computing system; receiving, by the server computing system, an encrypted response from the user computing system, the encrypted response associated with the encrypted question; decrypting, by the server computing system, the encrypted response based on the first password to generate a response; and establishing, by the server computing system, a login session with the user computing system based on successful verification of the response.