Website security and user privacy on the internet have been a great concern these days. In our day to day life we happen to surf hundreds of websites over the internet. Every website we visit, the user has to login by providing login id and password. The disadvantages of this conventional login id and password scheme are: 1. Someone standing behind us or besides can intentionally see the password while we are typing it (SHOULDER-SURFING). 2. If someone has installed KEYLOGGER software on our computer then our password gets revealed to others. The aim of this thesis is to build an application that can overcome the above mentioned problems and enhance the security over the web. Smart Login is a standalone application to demonstrate this type of security can be implemented in the future over the web. This application will not make users enter their password directly but indirectly authenticate them. A user only has to enter the login id at the login screen. A new session password is generated at each login, keeping the original password intact in the backend, making the system more secure.