1 |
Evaluating the Usability of Two-Factor Authentication
Reese, Kendall Ray 01 June 2018
Passwords are the dominant form of authentication on the web today. However, many users choose weak passwords and reuse the same password on multiple sites, thus increasing their vulnerability to having their credentials leaked or stolen. Two-factor authentication strengthens existing password authentication schemes against impersonation attacks and makes it more difficult for attackers to reuse stolen credentials on other websites. Despite the added security benefits of two-factor authentication, there are still many open questions about its usability. Many two-factor authentication systems in widespread usage today have not yet been subjected to adequate usability testing. Previous comparative studies have demonstrated significant differences in usability between various single-factor authentication systems. The main contributions of this work are as follows. First, we developed a novel user behavior model that describes four phases of interaction between a user and an authentication system. This model is designed to inform the design of future usability studies and will enable researchers and those implementing authentication systems to have a more nuanced understanding of authentication system usability. Second, we conducted a comparative usability study of some of the most common two-factor authentication systems. In contrast to previous authentication usability studies, we had participants use the system for a period of two weeks and collected both timing data and SUS metrics on the systems under test. From these studies, we make several conclusions about the state of usability and acceptance of two-factor authentication, finding that many users want more security for their sensitive online accounts and are open to using multiple forms of two-factor authentication. We also suggest that security researchers draw upon risk communication theory to better help users make informed security decisions.
|
2 |
A Theoretical Proposal of Two-Factor Authentication in Smartphones
Persson, Oskar, Wermelin, Erik January 2017
Context. For a user to gain access to a protected resource on the web, the user needs to get authenticated. There are different forms of authentication, among the most common is the ordinary user name and password scheme. This scheme is very simple to implement, but it suffers from security vulnerabilities and requires the user to remember passwords to all accounts. Two-factor authentication could be one answer to increase the security where one-factor authentication is lacking. However, depending on the implementation, two-factor authentication could still be insecure and even more user-unfriendly. Objectives. In this study, we investigate if our implementation of two-factor authentication has any advantages to existing ones. Our goal is to present a secure and user-friendly authentication scheme that uses both password and fingerprint. Methods. A literary study was performed in order to collect information on similar systems and subjects in order to build a comparable authentication model. The collected information and proposed model were then used to analyze possible drawbacks and to answer research questions. Results. Results derive from the comparison between our proposed model and two Google two-factor authentication solutions. Conclusions. The results yielded from the literary study and analysis show that our proposed model does not add any advantages concerning security. Our model does however provide better ease of use in comparison with similar two-factor authentication solutions from Google.
|
3 |
Assessing the Effectiveness of a Fingerprint Biometric and a Biometric Personal Identification Number (BIO-PIN™) when used as a Multi-Factor Authentication Mechanism
Batie, Robert B. 01 January 2016
The issue of traditional user authentication methods, such as username/passwords, when accessing information systems, the Internet, and Web-based applications still poses significant vulnerabilities. The problem of user authentication including physical and logical access appears to have limited, if any, coverage in research from the perspective of biometric as ‘something the user knows.’ Previous methods of establishing one’s identity by using a password, or presenting a token or identification (ID) card are vulnerable to circumvention by misplacement or unauthorized sharing. The need for reliable user authentication techniques has increased in the wake of heightened concerns about information security and rapid advancements in networking, communication, and mobility. The main goal of this research study was to examine the role of the authentication method (BIO-PIN™ or username/password) and time, on the effectiveness of authentication, as well as the users’ ability to remember the BIO-PIN™ versus username/password (UN/PW). Moreover, this study compared the BIO-PIN™ with a traditional multi-factor biometric authentication using multiple fingerprints (without sequence) and a numerical PIN sequence (noted as "BIO+PIN"). Additionally, this research study examined the authentication methods when controlled for age, gender, user’s computer experience, and number of accounts. This study used a quasi-experimental multiple baseline design method to evaluate the effectiveness of the BIO-PIN™ authentication method. The independent, dependent, and control variables were addressed using descriptive statistics and Multivariate Analysis of Variance (MANOVA) statistical analysis to compare the BIO-PIN™, the BIO+PIN, and UN/PW authentication methods for research questions (RQs) 1 and 2.
Additionally, the Multivariate Analysis of Covariance (MANCOVA) was used to address RQ 3 and RQ4, which seeks to test any differences when controlled by age, gender, user experience, and number of accounts. This research study was conducted over a 10-week period with participant engagement occurring over time including a registration week and in intervals of 2 weeks, 3 weeks, and 5 weeks. This study advances the current research in multi-factor biometric authentication and increases the body of knowledge regarding users’ ability to remember industry standard UN/PWs, the BIO-PIN™ sequence, and traditional BIO+PIN.
|
4 |
Protecting Telemetry Data from Compromise Learning from the Mistakes of the Breached!
Kalibjian, Jeff 11 1900
Information has value and as such any network based computer (whether that network touches
the Internet or not) has the potential to be hacked. Telemetry data is not immune to the threat.
While there are a myriad of security sensor and analytics tools available for entities to deploy in
order to protect their IT networks and assets on those networks, sometimes overlooked is also the
wealth of research data available regarding the etiology of breaches that reveal fascinating,
sometimes counterintuitive insights in the best ways to configure and integrate security
applications to protect the organization.
After reviewing the latest research data regarding computer and IT network compromise,
security strategies implied in the research data appropriate to the security challenges
encountered in the telemetry post processing environment will be thoroughly examined
providing tangible methodologies that may be employed to better protect organization telemetry
post processing and IT infrastructures.
|
5 |
Masquerader Detection via 2fa Honeytokens
Wiklund, Anton January 2021
Detection of insider threats is vital within cybersecurity. Techniques for detection include honeytokens, which most often are resources that, through deception, seek to expose intruders. One kind of insider that is detectable via honeytokens is the masquerader. This project proposes implementing a masquerader detection technique where honeytokens are placed within users’ filesystems in such a way that they also provide Two Factor Authentication (2fa) functionality. If a user’s second factor – the honeytoken – is not accessed within a specified timeframe after login, this indicates a potential intrusion, and only a “fake” filesystem will remain available. An alert is also triggered. The intention is to deter insiders from masquerading since they are aware that they must access a uniquely located honeytoken after logging in to the legitimate user’s account. The technique was evaluated via user-testing that included interviews, a checklist with requirements for feasibility, and a cyber-security expert’s opinion on the technique’s feasibility. The main question evaluated during the project was the feasibility of adding the proposed technique to a computer system’s protective capabilities. The results of the project indicated that the proposed technique is feasible. The project’s results were also compared with the results of prior related research. The project’s scope was limited to a Linux system accessed via SSH into a Bash terminal (non-GUI-compatible), and the implemented technique was also evaluated within such an environment.
|
6 |
Managing Two-Factor Authentication Setup Through Password Managers
Dutson, Jonathan William 09 April 2020
Two-factor authentication (2FA) provides online accounts with protection against remote account compromise. Despite the security benefits, adoption of 2FA has remained low, in part due to poor usability. We explore the possibility of improving the usability of the 2FA setup process by providing setup automation through password managers. We create a proof-of-concept KeePass (a popular password manager) extension that adds browser-based automation to the 2FA setup process and conduct a 30-participant within-subjects user study to measure user perceptions about the system. Our system is found to be significantly more usable than the current manual method of 2FA setup for multiple online accounts, with our system receiving an average SUS score of ‘A’ while the manual setup method received an average score of ‘D’. We conduct a meta-analysis of some of the most common methods of 2FA used by websites today and propose a web API that could increase the speed, ease, and scalability of 2FA setup automation. Our threat analysis suggests that using password managers for 2FA automation can be implemented without introducing significant security risks to the process. The promising results from our user study and analysis indicate that password managers have strong potential for improving the usability of 2FA setup.
|
7 |
“If I could do this, I feel anyone could:” The Design and Evaluation of a Two-Factor Authentication Manager
Smith, Garrett D. 13 April 2022
Two-factor authentication (2FA) is a strong defense against account compromise. However, usability studies reveal challenges with 2FA setup. The process to manually set up and remove 2FA methods differs across websites. We present a system design for a 2FA manager to automatically set up and remove 2FA methods. Potential benefits are reduced time, fewer mistakes, consistent terminology, a single workflow for users to learn, and the ability to rapidly transition to a new 2FA method, e.g., when replacing a lost 2FA method. We create two proof-of-concept implementations of our design, one as a browser extension and one integrated as a feature in an existing password manager. We evaluated the browser extension implementation approach using a between-subjects user study (N=60). Our results show fewer mistakes and reduced time compared to manually adding and removing 2FA methods. Qualitative results show that users found the automated process easy to use and were enthusiastic about the 2FA manager's ability to help them rapidly replace 2FA methods in the case they lost their 2FA device.
|
8 |
Secure Distributed Single Sign-On with Two-Factor Authentication
Brasee, Kaleb D. January 2007
No description available.
|
9 |
Two-factor Authentication and Digital Signing for an Enterprise System utilizing Yubikey
Hilm, David, Rahim, David January 2019
The use of a second factor to increase the security of systems is growing and has continued to do so for a long time. This thesis explores options for implementation to use a YubiKey as an authentication method (OTP) as well as for signing digital transactions through a web browser client. Measures of network overhead that occurs in conjunction with Digital Signing of transactions are also disclosed. Our findings show that YubiKey provides flexible and readily available solutions that can be used with only small implementations for OTP authentication. It is also shown that the major concern for implementing a solution for a web browser is to intuitively use certificates stored on a USB-device without installing any plugins or with the use of a third-party application running on the client machine.
|
10 |
Scan me – Ökad säkerhet med multifactor authentication : En undersökning om effekten vid ökad säkerhet i digitala identifierare / Scan me - Increased security with multifactor authentication : A study of the effect when the security increases in digital identifiers
Borgman, Isabelle January 2016
The following bachelor thesis examines an application based on three factors: security, usability and functionality. The work presents a prototype of an identification application that uses QR codes to identify a person. The identification process is supposed to work in, e.g., a line to a pub. The QR code is in the guest's mobile and the doorman uses the prototype, which this thesis presents, on a tablet or smartphone and scan the guest's QR code.
The aim is to investigate how the usability and functionality is affected in an application when it is added a factor that increases the app's security. This is examined through a user test where 8 test subjects will test the developed prototype and provide feedback both from a guest's and a doorman's perspective. The results show that the usability decreases while the security increases. The identification with the QR reader takes about 4 seconds longer than it does to identify with the usual method, i.e. comparing an ID card with a membership card. The functionality in the system increases because we add the functionality to scan a QR code and compare its information with a database. The prototype that has been developed in this bachelor thesis has development potential and can be used in other contexts and in other environments; for example the prototype would work equally well in a business context in which the business can replace their membership card with a QR code and a reader to give their customers benefits.
|