Protected Login
Authors
Abstract
Despite known problems with their security and ease-of-use, passwords will likely continue to be the main form of web authentication for the foreseeable future. We define a certain class of password-based authentication protocols and call them protected login. Protected login mechanisms present reasonable security in the face of real-world threat models. We find that some websites already employ protected login mechanisms, but observe that they struggle to protect first logins from new devices – reducing usability and security. Armed with this insight, we make a recommendation for increasing the security of web authentication: reduce the number of unprotected logins, and in particular, offer opportunistic protection of first logins. We provide a sketch of a possible solution.
Similar resources
On the Remote Authentication with Self-Protected Smart Cards 植基於具自保功能智慧卡之遠端認證機制
Smart card is a secure device for remote authentication. However, if cardholders lost their card, attackers always can successfully guess passwords and impersonate legal users to login. In 2004, Lee et al. proposed a remote authentication scheme with smart cards. In this paper, we first show that their scheme cannot withstand the guessing attack. If attackers obtain the card, they can successfu...
Opportunistic protected login: Next step in traditional password based user authentication
Password based authentication faces security related threats from phishing, server compromise and man-in-the-middle attack. Despite the poor security, it has been the primary method of user authentication on web since a decade now. This paper is a systematic review of a proposal, by Czeskis et al., which aims to provide opportunistic protected login for user authentication, for web services with...
Doodles for Authentication: Recognition and User Study Results
Traditional means of computer based authentication based on username and password combinations become unwieldy as the number of password accounts one manages increases. The average computer user needs to remember a large number of text username and password combinations for different applications, which places a large cognitive load on the user. While biometric login based systems can free the ...
How To Login From an Internet Café Without Worrying About Keyloggers
Roaming users who use untrusted machines to access password protected accounts have few good options. An internet café machine can easily be running a keylogger. The roaming user has no reliable way of determining whether it is safe, and has no alternative to typing the password. We describe a simple trick the user can employ that is entirely effective in concealing the password. We verify its ...
A secure mobile DRM system based on cloud architecture
Public cloud architecture offers a public access software service. Users can login to access the cloud resources via various devices. The main advantage of the SaaS (Software as a Service) cloud service is that it supports different software and devices, in order to open web browsers, to authenticate the users through the standard format. E-books are protected by digital rights management (DRM)...