Where Have You Been? Using Location-Based Security Questions for Fallback Authentication
نویسندگان
چکیده
In this paper, we propose and evaluate the combination of location-based authentication with security questions as a more usable and secure fallback authentication scheme. A four weeks user study with an additional evaluation after six months was conducted to test the feasibility of the concept in the context of long-term fallback authentication. The results show that most users are able to recall the locations to their security questions within a distance of 30 meters, while potential adversaries are bad in guessing the answers even after performing Internet research. After four weeks, our approach yields an accuracy of 95% and reaches, after six months, a value of 92%. In both cases, none of the adversaries were able to attack users successfully.
منابع مشابه
Security Strength Indicator in Fallback Authentication: Nudging Users for Better Answers in Secret Questions
In this paper, we describe ongoing work that focuses on improving the strength of the answers to security questions. The ultimate goal of the proposed research is to evaluate the possibility of nudging users towards strong answers for ubiquitous security questions. In this research we are proposing a user interface design for fallback authentication to encourage users to design stronger answers...
متن کاملAddressing insider threat using "where you are" as fourth factor authentication
Current physical and cybersecurity systems have been relying on traditional three factor authentication to mitigate the threats posed by insider attacks. Typically, systems use one or two of the following factors to authenticate end-users: what you know (e.g., password), what you have (e.g., RSA ID), or what you are (e.g., fingerprint). Systems based on these factors have the following limitati...
متن کاملA TESLA-based mutual authentication protocol for GSM networks
The widespread use of wireless cellular networks has made security an ever increasing concern. GSM is the most popular wireless cellular standard, but security is an issue. The most critical weakness in the GSM protocol is the use of one-way entity authentication, i.e., only the mobile station is authenticated by the network. This creates many security problems including vulnerability against m...
متن کاملSecurity Analysis of Lightweight Authentication Scheme with Key Agreement using Wireless Sensor Network for Agricultural Monitoring System
Wireless sensor networks have many applications in the real world and have been developed in various environments. But the limitations of these networks, including the limitations on the energy and processing power of the sensors, have posed many challenges to researchers. One of the major challenges is the security of these networks, and in particular the issue of authentication in the wireles...
متن کاملMHIDCA: Multi Level Hybrid Intrusion Detection and Continuous Authentication for MANET Security
Mobile ad-hoc networks have attracted a great deal of attentions over the past few years. Considering their applications, the security issue has a great significance in them. Security scheme utilization that includes prevention and detection has the worth of consideration. In this paper, a method is presented that includes a multi-level security scheme to identify intrusion by sensors and authe...
متن کامل