Password security is a major issue for operators and users of the website and its many applications. Among the complicated problems still efficiently addressed is identity authorization. Normal user uses text passwords for authentication which select while registering accounts on a website. If a user selects a weak password and uses that among different websites causes domino effect. The proposed system is an OTP user authentication protocol which leverages a user's cell phone and short message service to resist password stealing and password reuse attacks.