Current Multi-factor of Authentication: Approaches, Requirements, Attacks and Challenges

Mohammed, Ali Hameed Yassir; Dziyauddin, Rudzidatul Akmam; Latiff, Liza Abdul

doi:10.14569/ijacsa.2023.0140119

Cited by 7 publications

(4 citation statements)

References 48 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Multi-factor authentication (MFA) solutions, designed for user-friendliness, should be widely adopted, with clear guidance provided on their setup and usage (Mohammed et al, 2023). Collaborative incident response planning involving cross-functional teams and tabletop exercises ensures a coordinated and efficient response to social engineering incidents.…”

Section: Case Study 3: Social Engineering In Influencer Marketingmentioning

confidence: 99%

A comprehensive survey on social engineering-based attacks on social networks

Naz,

Sarwar,

Kaleem

et al. 2024

Int. j. adv. appl. sci.

View full text Add to dashboard Cite

Threats based on social engineering in social networks are becoming a more common problem. Social engineering is a type of attack that relies on trickery and exploiting human psychology to gain access to confidential information or resources. It involves deceptive techniques like phishing, pretexting, and baiting, tricking individuals into revealing sensitive information or performing specific actions. These tactics can lead to unauthorized access to user accounts, identity theft, or the distribution of harmful content. This study offers a detailed review of threats related to social engineering on social networks. It explores various social engineering attacks, the methods used to execute these threats, and measures that can be adopted to minimize the risk of becoming a victim. The research aimed to develop a new, broad classification of social engineering attacks and strategies for responding to them. It also examines the challenges that social engineering poses to algorithms on social media platforms and highlights the need for more research. The study concludes by pointing out the shortcomings of current approaches and suggesting future research directions, stressing the importance of standardized protective measures and increasing awareness among potential victims. This thorough examination improves our understanding of social engineering attacks and encourages the development of innovative solutions and ethical practices, contributing to a more secure digital environment.

show abstract

Section: Case Study 3: Social Engineering In Influencer Marketingmentioning

confidence: 99%

A comprehensive survey on social engineering-based attacks on social networks

Naz,

Sarwar,

Kaleem

et al. 2024

Int. j. adv. appl. sci.

View full text Add to dashboard Cite

show abstract

“…Push authentication requires the user to receive a push notification on their smartphone to approve or deny a login attempt. This method is advantageous because it eliminates the need for users to type in numbers, as required by other 2FA methods, making it both faster and more user-friendly [18]. Additionally, push authentication requires Internet access, which is necessary to keep communication between the user's device and the server secure, such as through TLS.…”

Section: Pushmentioning

confidence: 99%

Usability Testing of Memorable Word in Security Enhancing in e-Government and e-Financial Systems

Alotaibi,

Aljeaid,

Alharbi

2023

IJACSA

View full text Add to dashboard Cite

Most applications increase their security by adding an extra layer to the login process using two-factor authentication (2FA). In Saudi Arabia, One-Time Password (OTP), which is 2FA, is the most common method used as users log in to their accounts. However, some issues have emerged with using OTP as 2FA; these issues from previous research were investigated in the study. Also, the study proposed a new method of account authentication, which is a Memorable Word (MW). MW is the second and short password in which the user enters a certain number of characters instead of the whole password. The study conducted usability testing to compare two 2FA methods, OTP and MW. The study included 60 participants logged into a simulated website using both authentication methods. Then, all participants have to complete the questionnaire. The collected data analyses showed a favourable opinion of the MW method.

show abstract

“…These techniques, including those applied to irises [1], have become integral in contemporary stringent security systems, necessitating user authentication based on cancelable biometrics methods. Iris biometrics, owing to its unique and stable physiological traits, has garnered significant interest over the past decade [2]. Its application in authentication systems stands out as a preferred alternative to traditional methods, reducing reliance on passwords and tokens [3], especially given its irrevocable nature.…”

Section: Introductionmentioning

confidence: 99%

A standard ranking algorithm for robust iris template protection

Hameed Yassir,

Dziyauddin,

Kamaruddin

et al. 2024

IJEECS

View full text Add to dashboard Cite

In iris biometric recognition systems, protecting the storage and transmission of iris templates is crucial, and template protection techniques are pivotal for ensuring their security. A prevalent approach involves using indexing methods as an effective algorithm for iris template protection, leveraging the index or rank of the extracted iris code to generate a secure iris template. Meantime, many privacy threats to biometric data have emerged, necessitating heightened protection measures. Specifically, protecting the privacy of iris data is imperative within the context of iris template protection during recognition processes. As stipulated by the international standard ISO/IEC 30136, effective iris template protection must concurrently meet the criteria of irreversibility, revocability, and unlinkability. Nevertheless, existing indexing methods on iris template protection faced the formidable challenge of simultaneously fulfilling these three privacy requirements while maintaining the efficacy of iris recognition. This paper introduces a standard ranking (standardR) algorithm, named standardR, designed to enhance the security of iris templates by transforming each iris template into an irreversible representation. The experimental results on the benchmarked Casia-Iris-interval dataset, along with two additional iris datasets MMU1 and UBRIS 1, demonstrate the efficacy of the proposed algorithm. The proposed standardR algorithm achieves an equal error rate (EER) of 0.1695% and an area under the curve of 0.93011% with the Casia-Iris-Interval dataset. Furthermore, the algorithm maintains efficient recognition with a reduced iris code length of 1280 bits, a time complexity of O(n log n), and satisfies the biometric template protection (BTP) requirements in irreversibility, unlinkability, and renewability.

show abstract

Current Multi-factor of Authentication: Approaches, Requirements, Attacks and Challenges

Cited by 7 publications

References 48 publications

A comprehensive survey on social engineering-based attacks on social networks

A comprehensive survey on social engineering-based attacks on social networks

Usability Testing of Memorable Word in Security Enhancing in e-Government and e-Financial Systems

A standard ranking algorithm for robust iris template protection

Contact Info

Product

Resources

About