Survey on usable and secure two-factor authentication

Archana, B.S.; Chandrashekar, Ashika; Bangi, Anusha Govind; Sanjana, B.M.; Akram, Syed

doi:10.1109/rteict.2017.8256716

Cited by 21 publications

(17 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Rather than fundamental alternatives being implemented, most ecosystems have simply padded their authentication processes with additional factors. This trend can be seen in the rise of two-factor or multi-factor authentication, colloquially known as 2FA and MFA respectively [ 10 , 11 , 12 , 13 ]. However, the rise of padding front-end authentication portals with such techniques has led to inflated user responsibilities without as great of security as is thought; these methods help protect against front-facing brute-forcing and dictionary attacks, but often do not add any additional layers of protection to more common forms of cyber-attacks, such as phishing, man-in-the-middle (MiTM), or replay attacks [ 7 , 8 , 12 , 14 , 15 ].…”

Section: Related Work and Significance Of This Studymentioning

confidence: 99%

“…While these multi-factor methods may help obscure access control, they do not always prevent information, such as the password or password-hash itself, from being stolen. Since users tend to re-use passwords across websites, this threat still exists as not every website has implemented 2FA/MFA protections [ 10 , 11 , 17 , 18 , 19 ].…”

Section: Related Work and Significance Of This Studymentioning

confidence: 99%

“…While proposed solutions have varied significantly, countermeasures that are derivative of current paradigms are more widely agreed upon. Beside the previously mentioned user education and minimum password requirements, typically-accepted countermeasures include tokenization, or shift from ‘static’ passwords to ‘dynamic’ passwords, generally presented in a similar fashion to MFA PINs [ 11 , 12 , 17 , 18 , 19 ]. Other countermeasures include reactive password checking, heightened access control, stronger password hashing and salting, and complex, generated passwords [ 8 , 16 ].…”

Section: Related Work and Significance Of This Studymentioning

confidence: 99%

“…Another alternative to alphanumeric passwords is graphical passwords [ 8 , 11 , 22 ]. There has been a degree of consensus regarding their viability, with a minor agreement that they outperform alphanumeric passwords [ 8 , 11 , 22 ]. Graphical passwords are typically sorted into three categories; recall, cued-recall, and recognition.…”

Section: Related Work and Significance Of This Studymentioning

confidence: 99%

See 3 more Smart Citations

A Hybrid Dynamic Encryption Scheme for Multi-Factor Verification: A Novel Paradigm for Remote Authentication

Obaidat

Brown

Obeidat

et al. 2020

Sensors

View full text Add to dashboard Cite

A significant percentage of security research that is conducted suffers from common issues that prevent wide-scale adoption. Common snags of such proposed methods tend to include (i) introduction of additional nodes within the communication architecture, breaking the simplicity of the typical client–server model, or fundamental restructuring of the Internet ecosystem; (ii) significant inflation of responsibilities or duties for the user and/or server operator; and (iii) adding increased risks surrounding sensitive data during the authentication process. Many schemes seek to prevent brute-forcing attacks; they often ignore either partially or holistically the dangers of other cyber-attacks such as MiTM or replay attacks. Therefore, there is no incentive to implement such proposals, and it has become the norm instead to inflate current username/password authentication systems. These have remained standard within client–server authentication paradigms, despite insecurities stemming from poor user and server operator practices, and vulnerabilities to interception and masquerades. Besides these vulnerabilities, systems which revolve around secure authentication typically present exploits of two categories; either pitfalls which allow MiTM or replay attacks due to transmitting data for authentication constantly, or the storage of sensitive information leading to highly specific methods of data storage or facilitation, increasing chances of human error. This paper proposes a more secure method of authentication that retains the current structure of accepted paradigms, but minimizes vulnerabilities which result from the process, and does not inflate responsibilities for users or server operators. The proposed scheme uses a hybrid, layered encryption technique alongside a two-part verification process, and provides dynamic protection against interception-based cyber-attacks such as replay or MiTM attacks, without creating additional vulnerabilities for other attacks such as bruteforcing. Results show the proposed mechanism outperforms not only standardized methods, but also other schemes in terms of deployability, exploit resilience, and speed.

show abstract

Section: Related Work and Significance Of This Studymentioning

confidence: 99%

Section: Related Work and Significance Of This Studymentioning

confidence: 99%

Section: Related Work and Significance Of This Studymentioning

confidence: 99%

Section: Related Work and Significance Of This Studymentioning

confidence: 99%

See 2 more Smart Citations

A Hybrid Dynamic Encryption Scheme for Multi-Factor Verification: A Novel Paradigm for Remote Authentication

Obaidat

Brown

Obeidat

et al. 2020

Sensors

View full text Add to dashboard Cite

show abstract

“…This capability of passthoughts can potentially overcome a significant limitation to the usability of multi-factor authentication systems which typically require a separate action from the user for each factor. [172][173][174][175] In order to achieve single-step multi-factor authentication with passthoughts, a mental task is required that can serve as a secret. In the case of mental commands, this can be a sequence of commands which form a sort of password.…”

Section: System Requirementsmentioning

confidence: 99%