A Simple and Secure Reformation-Based Password Scheme

Ali, Mushtaq; Baloch, Amanullah; Waheed, Abdul; Zareei, Mahdi; Manzoor, Rimsha; Sajid, Hassam; Alanazi, Faisal

doi:10.1109/access.2020.3049052

Cited by 12 publications

(5 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Usability evaluation of existing and novel systems: Contributions belonging to this category seem to be characterized by two main approaches to evaluating the products/methods: authors either evaluate them individually [20,25,27,29,[34][35][36][37] or compare them with other existing or new systems [4,[13][14][15][16][17][18][19]22,24,26,28,30,32,33,[38][39][40][41].…”

Section: Usability Of Authentication Methods (34 Papers)mentioning

confidence: 99%

“…Another critical issue shared by many articles belonging to this cluster is the creation and use of custom measures to evaluate the usability of the products and systems studied, such as code length [15] or typing effort [39], exclusively related to the specific tool used. This highlights a methodological weakness, forgoing the golden standards for usability assessment and making the studies often not comparable.…”

Section: Usability Of Authentication Methods (34 Papers)mentioning

confidence: 99%

See 1 more Smart Citation

Usable Security: A Systematic Literature Review

Di Nocera,

Tempestini,

Orsini

2023

Information

View full text Add to dashboard Cite

Usable security involves designing security measures that accommodate users’ needs and behaviors. Balancing usability and security poses challenges: the more secure the systems, the less usable they will be. On the contrary, more usable systems will be less secure. Numerous studies have addressed this balance. These studies, spanning psychology and computer science/engineering, contribute diverse perspectives, necessitating a systematic review to understand strategies and findings in this area. This systematic literature review examined articles on usable security from 2005 to 2022. A total of 55 research studies were selected after evaluation. The studies have been broadly categorized into four main clusters, each addressing different aspects: (1) usability of authentication methods, (2) helping security developers improve usability, (3) design strategies for influencing user security behavior, and (4) formal models for usable security evaluation. Based on this review, we report that the field’s current state reveals a certain immaturity, with studies tending toward system comparisons rather than establishing robust design guidelines based on a thorough analysis of user behavior. A common theoretical and methodological background is one of the main areas for improvement in this area of research. Moreover, the absence of requirements for Usable security in almost all development contexts greatly discourages implementing good practices since the earlier stages of development.

show abstract

Section: Usability Of Authentication Methods (34 Papers)mentioning

confidence: 99%

Section: Usability Of Authentication Methods (34 Papers)mentioning

confidence: 99%

Usable Security: A Systematic Literature Review

Di Nocera,

Tempestini,

Orsini

2023

Information

View full text Add to dashboard Cite

show abstract

“…The knowledge-based password still provides extendable usability and security features. It can be comparable to the token and biometrics security levels with respect to mitigating most of the usability issues and security threats [1], [109]. Textual passwords are relatively still the most usable passwords because their ease of use, lack of hardware required, and less required storage [110].…”

Section: Comparative Analysis Of Knowledge-based Passwords Tokens And...mentioning

confidence: 99%

“…The biggest challenge for several companies is to establish an authentication technique that offers a high level of usability and security. Authentication systems can be classified into three main types: knowledge-based, token-based, and biometric [1], [2]. Large corporations and banks have recently switched to the use of biometrics or token passwords to verify individuals' identities, but these passwords require expensive hardware and high-complexity algorithms [3]- [5].…”

Section: Introductionmentioning

confidence: 99%

Usability and Security of Knowledge-based Authentication Systems: A State-of-the-Art Review

Wasfi¹,

Stone²

2023

IJACSA

View full text Add to dashboard Cite

Knowledge-based passwords are still the most dominant authentication method for securing digital platforms and services, in spite of the emergence of alternative systems such as token-based and biometric systems. This method has remained the most popular one mostly because of its usability, compatibility, affordability of implementation, and user familiarity. However, the main challenge of knowledge-based password schemes lies in creating passwords that provide a balance between memorability and security. This research aimed to compare various knowledgebased schemes in order to establish a strategy that provided high memorability and resilience to most cyberattacks. The overview of this research identifies areas of knowledge-based passwords for further research and enhances the methodology that helps to offer insight into usable, secure, and sustainable authentication approaches. Future work has been recommended to explore the major features and drawbacks of recognition-based textual passwords because this method provides the usability and security benefits of graphical passwords with the familiarity of textual passwords.

show abstract

“…Shoulder surfing being a real threat to authentication systems is of two types, i.e., weak and strong shoulder surfing attacks. In the first one, an attacker directly observes the authentication mechanism, whereas in the latter one, the attacker uses any hardware device, i.e., recording camera [35]. Textual passwords are slightly unprotected and are easily attackable that's why they are considered to be the weakest link in authentication chain [36,37].…”

Section: Shoulder Surfing and Smudge Attacksmentioning

confidence: 99%

IoT Devices Authentication Using Artificial Neural Network

Hasan¹,

Ghani²,

Din³

et al. 2022

Computers, Materials &Amp; Continua

View full text Add to dashboard Cite

User authentication is one of the critical concerns of information security. Users tend to use strong textual passwords, but remembering complex passwords is hard as they often write it on a piece of paper or save it in their mobile phones. Textual passwords are slightly unprotected and are easily attackable. The attacks include dictionary, shoulder surfing, and brute force. Graphical passwords overcome the shortcomings of textual passwords and are designed to aid memorability and ease of use. This paper proposes a Process-based Pattern Authentication (PPA) system for Internet of Things (IoT) devices that does not require a server to maintain a static password of the login user. The server stores user's information, which they provide at the time of registration, i.e., the R-code and the symbol, but the P-code, i.e., the actual password, will change with every login attempt of users. In this scheme, users may draw a pattern on the basis of calculation from the P-code and Rcode in the PPA pattern, and can authenticate themselves using their touch dynamic behaviors through Artificial Neural Network (ANN). The ANN is trained on touch behaviors of legitimate users reporting superior performance over the existing methods. For experimental purposes, PPA is implemented as a prototype on a computer system to carry out experiments for the evaluation in terms of memorability and usability. The experiments show that the system has an effect of 5.03% of the False Rejection Rate (FRR) and 4.36% of the False Acceptance Rate (FAR), respectively.

show abstract

A Simple and Secure Reformation-Based Password Scheme

Cited by 12 publications

References 28 publications

Usable Security: A Systematic Literature Review

Usable Security: A Systematic Literature Review

Usability and Security of Knowledge-based Authentication Systems: A State-of-the-Art Review

IoT Devices Authentication Using Artificial Neural Network

Contact Info

Product

Resources

About