L Lassak, A Hildebrandt, M Golla, B Ur - 30th USENIX Security …, 2021 - usenix.org
While prior attempts at passwordless authentication on the web have required specialized hardware, FIDO2's WebAuthn protocol lets users sign into websites with their smartphone …
In many situations, it is of interest for authentication systems to adapt to context (eg, when the user's behavior differs from the previous behavior). Hence, representing the context with …
S Wiefling, PR Jørgensen, S Thunem… - ACM Transactions on …, 2022 - dl.acm.org
Risk-based authentication (RBA) aims to protect users against attacks involving stolen passwords. RBA monitors features during login, and requests re-authentication when …
M Campobasso, L Allodi - Proceedings of the 2020 ACM SIGSAC …, 2020 - dl.acm.org
In this paper we provide evidence of an emerging criminal infrastructure enabling impersonation attacks at scale. Impersonation-as-a-Service (IMPaaS) allows attackers to …
Usable and secure authentication on the web and beyond is mission-critical. While password-based authentication is still widespread, users have trouble dealing with …
Risk-based Authentication (RBA) is an adaptive security measure to strengthen password- based authentication. RBA monitors additional features during login, and when observed …
Password-based authentication (PBA) remains the most popular form of user authentication on the web despite its long-understood insecurity. Given the deficiencies of PBA, many …
During the COVID-19 pandemic, most organizations were forced to implement a work-from- home policy, and in many cases, employees have not been expected to return to the office …
Risk-based authentication (RBA) aims to strengthen password-based authentication rather than replacing it. RBA does this by monitoring and recording additional features during the …