SoK: Web Authentication in the Age of End-to-End Encryption
J Blessing, D Hugenroth, RJ Anderson… - arXiv preprint arXiv …, 2024 - arxiv.org
The advent of end-to-end encrypted (E2EE) messaging and backup services has brought
new challenges for usable authentication. Compared to regular web services, the nature of …
new challenges for usable authentication. Compared to regular web services, the nature of …
[PDF][PDF] A Mixed-Methods Study on User Experiences and Challenges of Recovery Codes for an End-to-End Encrypted Service
S Höltervennhoff, N Wöhler, A Möhle… - In 33rd USENIX …, 2024 - usenix.org
Recovery codes are a popular backup mechanism for online services to aid users who lost
their passwords or two-factor authentication tokens in regaining access to their accounts or …
their passwords or two-factor authentication tokens in regaining access to their accounts or …
What Johnny thinks about using two-factor authentication on GitHub: A survey among open-source developers
Several security issues in open-source projects demonstrate that developer accounts get
misused or stolen if weak authentication is used. Many services have started to enforce …
misused or stolen if weak authentication is used. Many services have started to enforce …
Evaluating the Influence of Multi-Factor Authentication and Recovery Settings on the Security and Accessibility of User Accounts
A Büttner, N Gruschka - arXiv preprint arXiv:2403.15080, 2024 - arxiv.org
Nowadays, most online services offer different authentication methods that users can set up
for multi-factor authentication but also as a recovery method. This configuration must be …
for multi-factor authentication but also as a recovery method. This configuration must be …
More Than Just a Random Number Generator! Unveiling the Security and Privacy Risks of Mobile OTP Authenticator Apps
Abstract One-Time Passwords (OTPs) are a crucial component of multi-factor authentication
(MFA) systems, providing additional security by requiring users to supply a dynamically …
(MFA) systems, providing additional security by requiring users to supply a dynamically …
Authentication in the Connected World: Perceived Password Security Is Inflated
D Bassett, N Micallef, B Müller - Annual conference on Advances in Cyber …, 2024 - Springer
Passwords are still a popular authentication approach, even as biometric authentication has
become a widespread method to access our phones. Although password managing tools …
become a widespread method to access our phones. Although password managing tools …
Is It Really You Who Forgot the Password? When Account Recovery Meets Risk-Based Authentication
Risk-based authentication (RBA) is used in online services to protect user accounts from
unauthorized takeover. RBA commonly uses contextual features that indicate a suspicious …
unauthorized takeover. RBA commonly uses contextual features that indicate a suspicious …
Evaluating the evaluation criteria for account-recovery procedures in passwordless authentication
M Keil, A Zugenmaier - Open Identity Summit 2024, 2024 - dl.gi.de
Passwordless authentication avoids the weaknesses of password based authentication
such as guessable passwords and password reuse. However, when passwordless …
such as guessable passwords and password reuse. However, when passwordless …
On the usability of authentication security communication
SM Amft - 2024 - repo.uni-hannover.de
Information technology has become more and more ubiquitous in recent times, and it affects
almost all aspects of modern life. To protect this technology and its underlying resources, the …
almost all aspects of modern life. To protect this technology and its underlying resources, the …
Investigating the Benefits of Adopting Secure Shell (SSH) in Wireless Network Security
C Gavathri, VD Patil, DK Singh, R Kumar… - … on Paradigm Shift in …, 2023 - ieeexplore.ieee.org
cozy Shell is an encrypted network protocol that has become increasingly popular in
network security. Using SSH, organizations can defend their wireless networks from …
network security. Using SSH, organizations can defend their wireless networks from …