In this modern era, where most of the world is connected on the World Wide Web, privacy and security are major concerns for the people. Passwords are used by the public to maintain a level of security in their private lives. Passwords can be of two types—static and dynamic. Existing dynamic passwords like OTPs suffer a major flaw in a man-in-the-middle attack (also known as MITM attack). The following proposal consists of a way to avoid the MITM attack, especially on processes like bank transactions. The proposed method tries to tackle this problem. A base random matrix is generated on the server, and a singular value decomposition (SVD) of that matrix is calculated. A vector is created using that and is encrypted before being sent as a dynamic password. The dynamic password is decrypted on the users’ phone using data in an encrypted cookie, and the result is sent back to obtain the base random matrix. A new base random matrix is generated in every session, thus making it secure. © 2021, Springer Nature Singapore Pte Ltd.