With the developing digital era, the users are more vulnerable to various types of security threats such as Phishing(RAT), a serious security threat to the internet users in which the intruder sends an email which looks legitimate, where the RATs are usually downloaded invisibly with a user - requested program such as game or in this case an email attachment. RATs provide a backdoor for administrative control over the targeted computer, from which the intruder will be allowed to access all sensitive and confidential data such as banking application, which needs more security. It is important to prevent such phishing attacks. One of the ways to prevent the password theft is to authenticate a user without the use of the text password. In this paper we propose an idea which eliminates the use of the permanent text passwords, by authenticating the user through image based password. After image based authentication, the user will obtain the One Time Password (OTP) using the messaging service available in the internet. The image based authentication method relies on the user's ability to recognize the pre-chosen images from a grid of pictures which appears in a random manner. This paper integrates One time Image password based authentication and HMAC based one time password and to achieve high level of security in authenticating the user and these algorithms are very economical to implement.