ECCO Mnemonic Authentication—Two-Factor Authentication Method with Ease-of-Use

Two Factor Authentication Made Easy

15th International Conference on Web Engineering (ICWE)

Authentication on the Web is a challenge that can have a negative effect on user experience if it becomes overly complicated and cumbersome. This experience is even more crucial for older and visually impaired users due to their functional abilities. Web applications typically authenticate users by requesting information that only the user knows (e.g. a password). To enhance security, two-factor authentication (2FA) is increasingly implemented, which requires the user to manually transfer information between 2FA devices and the Web application. This process can impose usability barriers and stress on human memory. This paper proposes a technique to mitigate such issues by using wearables as the 2FA device, and to allow authentication information to be transferred seamlessly and automatically from the device to the Web application. From our preliminary results, older users found our approach less stressful on human memory and easier to use.

A Usable and Secure Two-Factor Authentication Scheme

Information Security Journal: A Global Perspective, 2012

There are many authentication schemes that are secure but difficult to use. Most existing network applications authenticate users with a username and password pair. Such systems using reusable passwords are susceptible to attacks based on the theft of the password. Each scheme has its merits and drawbacks (Misbahuddin, Aijaz Ahmed, & Shastri, 2006). To overcome the susceptibility in the existing applications, there is an authentication mechanism known as Two-Factor Authentication. Two-Factor Authentication is a process used to authenticate or verify the identity of a person or other entity requesting access under security constraints. It is a system wherein two different factors are used in conjunction to authenticate. Using two factors as opposed to one factor generally delivers a higher level of authentication assurance. The proposed scheme allows users to freely choose their PassFile (file password) instead of remembering the password, eliminating the problem of entering the reusable password and remembering the password. In this scheme, we proposed an efficient scheme for remote user authentication. It does not maintain a verifier table and allows the user to freely choose and change their passwords. The proposed scheme provides the best usability for the user in terms of PassFile without changing the existing protocol. This approach uses a smart card and is secure against identity theft, guessing attack, insider attack, stolen verifier attack, replay attack, impersonation attack, and reflection attack. The proposed scheme achieves the mutual authentication essential for many applications.

User Study on Single Password Authentication

IACR Cryptol. ePrint Arch., 2018

Single password authentication (SPA) schemes are introduced to overcome the challenges of traditional password authentication, which is vulnerable to offline dictionary, phishing, honeypot, and man-in-the-middle attacks. Unlike classical password-based authentication systems, in SPA schemes the user is required to remember only a single password (and a username) for all her accounts, while the password is protected against offline dictionary attacks in a provably secure manner. Several cryptographic SPA solutions were proposed in this decade, some based on cloud storage, and some employing a trusted personal mobile device. However, studies on the usability of these novel SPA systems are rare, hardening their deployment and the validation of their practicality. In this paper, we implement two very different SPA systems and assess their usability with the following two comparative experiments: one comparing the state-of-the-art cloud-based browser-extension SPA solution against tradition...

A Novel Multifactor Authentication System Ensuring Usability and Security

International Journal of Security, Privacy and Trust Management, 2013

User authentication is one of the most important parts of information security. Computer security most commonly depends on passwords to authenticate human users. Password authentication systems are either usable but not secure, or secure but not usable. While there are different types of authentication systems available, the alphanumeric password is the most commonly used authentication mechanism. But this method has significant drawbacks. An alternative solution to text-based authentication is Graphical User Authentication, based on the fact that humans tend to remember images better than text. Graphical password authentication systems provide passwords which are easy for the user to create and remember. However, the main issues of simple graphical password techniques are the shoulder surfing attack and the image gallery attack. Studies reveal that most graphical passwords are either secure but not usable or usable but not secure. In this paper, a new technique that uses the cued click point graphical password method along with a one-time session key is proposed. The goal is to propose a new authentication mechanism using graphical passwords to achieve higher security and better usability levels. The result of the system testing is evaluated and it reveals that the proposed system ensures security and usability to a great extent.

A Two-factor Authentication Mechanism Using Mobile Phones

2008

Mobile devices are becoming more pervasive and more advanced with respect to their processing power and memory size. Relying on the personalized and trusted nature of such devices, security features can be deployed on them in order to uniquely identify a user to a service provider. In this paper, we present a strong authentication mechanism that exploits the use of mobile devices to provide a two-factor authentication method. Our approach uses a combination of one-time passwords, as the first authentication factor, and credentials stored on a mobile device, as the second factor, to offer a strong and secure authentication approach. We also present an analysis of the security and usability of this mechanism. The security protocol is analyzed against an adversary model; this evaluation proves that our method is safe against various attacks, most importantly key logging, shoulder surfing, and phishing attacks. Our usability evaluation shows that, although our technique does add a layer...

TWO FACTOR AUTHENTICATIONS FOR SECURED LOGIN IN SUPPORT OF EFFECTIVE INFORMATION PRESERVATION AND NETWORK SECURITY

In the present digital day, with remarkable development in the computer sector, single-factor authentication, e.g. passwords, is no longer considered secure on the World Wide Web. It has never been less difficult to secure the system and remote access. Simple, obvious and easy-to-guess passwords, such as names and age, are effortlessly found via computerized secret key gathering programs. The security and privacy threats through malware are constantly growing both in quantity and in quality. Expanded access to information increases vulnerability to hacking, cracking of passwords and online fraud. In this connection, the conventional login/password authentication is considered inadequately secure for several security-critical applications such as login to mailing accounts, social networks, gadgets, financial accounts, official secured networks, commercial websites online, etc. Requiring more than one independent factor increases the difficulty of providing false credentials. Two-factor authentication proposals guarantee a higher protection level by extending the single authentication factor. This paper focuses on the implementation of two-factor authentication methods by using both a user-friendly traditional alphanumeric password and a graphical password as the gateway for authentication. An attempt has been made by using two-factor authentication, and in this paper we describe the two-factor authentication system design and its implementation. Thus affording an additional password adds an extra layer of security.

A Survey of Two Factor Authentication Methods: Advantages & Disadvantages

Journal of Emerging Technologies and Innovative Research, 2021

Authentication forms an important step in any security system to allow access to resources that are to be restricted. In this paper, we compare the advantages and disadvantages of two authentication methods. We begin with the details of existing systems in use and then compare the two systems, viz. Two Factor Authentication (2FA) and Risk-Based Two Factor Authentication (RB-2FA). We also introduce a new variation of the risk-based two-factor authentication system called artificial-intelligence assisted two-factor authentication.

User Perceptions of Security and Usability of Mobile-Based Single Password Authentication and Two-Factor Authentication

Lecture Notes in Computer Science, 2019

Two-factor authentication provides a significant improvement over the security of traditional password-based authentication by requiring users to provide an additional authentication factor, e.g., a code generated by a security token. In this decade, single password authentication (SPA) schemes are introduced to overcome the challenges of traditional password authentication, which is vulnerable to offline dictionary, phishing, honeypot, and man-in-the-middle attacks. Unlike classical password-based authentication systems, in SPA schemes the user is required to remember only a single password (and a username) for all her accounts, while the password is protected against the aforementioned attacks in a provably secure manner. In this paper, for the first time, we implement the state-of-the-art mobile-based SPA system of Acar et al. (2013) as a prototype and assess its usability in a lab environment where we compare it against two-factor authentication (where, in both cases, in addition to the password, the user needs access to her mobile device). Our study shows that mobile-based SPA is as easy as, but less intimidating and more secure than, two-factor authentication, making it a better alternative for online banking type deployments. Based on our study, we conclude with deployment recommendations and further usability study suggestions.

Digital Memories Based Mobile User Authentication for IoT

The increasing number of devices within the IoT is raising concerns over the efficiency and exploitability of existing authentication methods. The weaknesses of such methods, in particular passwords, are well documented. Although alternative methods have been proposed, they often rely on users being able to accurately recall complex and often unmemorable information. With the profusion of separate online accounts, this can often be a difficult task. The emerging digital memories concept involves the creation of a repository of memories specific to individuals. We believe this abundance of personal data can be utilised as a form of authentication. In this paper, we propose our digital memories based two-factor authentication mechanism, and also present our promising evaluation results.

Cue-Pin-Select, a Secure Mental Password Manager

2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC), 2020

People struggle to invent safe passwords for many of their typical online activities, leading to a variety of security problems when they use overly simple passwords or reuse them multiple times with minor modifications. Having different passwords for each service generally requires password managers or memorable (but weak) passwords, introducing other vulnerabilities [1], [2]. Recent research [3], [4] has offered multiple alternatives, but those require either rote memorisation [5] or computation on a physical device [6], [7]. This paper describes a secure and usable solution to this problem that requires no assistance from any physical device. We present the Cue-Pin-Select password family scheme that requires little memorisation and allows users to create and retrieve passwords easily. It uses our natural cognitive abilities to be durable, adaptable to different password requirements, and resistant to attacks, including ones involving plain-text knowledge of some passwords from the ...