Publication: User perceptions of security and usability of mobile-based single password authentication and two-factor authentication
| dc.contributor.coauthor | İşler, Devriş | |
| dc.contributor.department | Department of Media and Visual Arts | |
| dc.contributor.department | Department of Computer Engineering | |
| dc.contributor.kuauthor | Coşkun, Aykut | |
| dc.contributor.kuauthor | Küpçü, Alptekin | |
| dc.contributor.schoolcollegeinstitute | College of Engineering | |
| dc.contributor.schoolcollegeinstitute | College of Social Sciences and Humanities | |
| dc.date.accessioned | 2024-11-09T11:42:52Z | |
| dc.date.issued | 2019 | |
| dc.description.abstract | Two-factor authentication provides a significant improvement over the security of traditional password-based authentication by requiring users to provide an additional authentication factor, e.g., a code generated by a security token. In this decade, single password authentication (SPA) schemes are introduced to overcome the challenges of traditional password authentication, which is vulnerable to the offline dictionary, phishing, honeypot, and man-in-the-middle attacks. Unlike classical password-based authentication systems, in SPA schemes the user is required to remember only a single password (and a username) for all her accounts, while the password is protected against the aforementioned attacks in a provably secure manner. In this paper, for the first time, we implement the state-of-the-art mobile-based SPA system of Acar et al. (2013) as a prototype and assess its usability in a lab environment where we compare it against two-factor authentication (where, in both cases, in addition to the password, the user needs access to her mobile device). Our study shows that mobile-based SPA is as easy as, but less intimidating and more secure than two-factor authentication, making it a better alternative for online banking type deployments. Based on our study, we conclude with deployment recommendations and further usability study suggestions. | |
| dc.description.fulltext | YES | |
| dc.description.indexedby | Scopus | |
| dc.description.openaccess | YES | |
| dc.description.publisherscope | International | |
| dc.description.sponsoredbyTubitakEu | EU - TÜBİTAK | |
| dc.description.sponsorship | Scientific and Technological Research Council of Turkey (TÜBİTAK) | |
| dc.description.sponsorship | Royal Society of UK Newton Advanced Fellowship | |
| dc.description.sponsorship | European Union (European Union) | |
| dc.description.sponsorship | Horizon 2020 | |
| dc.description.sponsorship | European Research Council (ERC) Advanced Grant | |
| dc.description.sponsorship | FWO under an Odysseus Project | |
| dc.description.version | Author's final manuscript | |
| dc.identifier.doi | 10.1007/978-3-030-31500-9_7 | |
| dc.identifier.embargo | NO | |
| dc.identifier.filenameinventoryno | IR02035 | |
| dc.identifier.isbn | 9783030314996 | |
| dc.identifier.issn | 0302-9743 | |
| dc.identifier.quartile | N/A | |
| dc.identifier.scopus | 2-s2.0-85075622956 | |
| dc.identifier.uri | https://hdl.handle.net/20.500.14288/267 | |
| dc.keywords | Password-based authentication | |
| dc.keywords | Single password authentication | |
| dc.keywords | Two-factor authentication | |
| dc.keywords | Usability | |
| dc.language.iso | eng | |
| dc.publisher | Springer | |
| dc.relation.grantno | 115E766 | |
| dc.relation.grantno | NA140464 | |
| dc.relation.grantno | ERC-2015-AdG-IMPaCT | |
| dc.relation.grantno | GOH9718N | |
| dc.relation.ispartof | Lecture Notes in Computer Science | |
| dc.relation.uri | http://cdm21054.contentdm.oclc.org/cdm/ref/collection/IR/id/8676 | |
| dc.subject | Authentication | |
| dc.subject | Security of data | |
| dc.subject | Graphical authentication | |
| dc.title | User perceptions of security and usability of mobile-based single password authentication and two-factor authentication | |
| dc.type | Conference Proceeding | |
| dspace.entity.type | Publication | |
| local.contributor.kuauthor | Küpçü, Alptekin | |
| local.contributor.kuauthor | Coşkun, Aykut | |
| local.publication.orgunit1 | College of Engineering | |
| local.publication.orgunit1 | College of Social Sciences and Humanities | |
| local.publication.orgunit2 | Department of Computer Engineering | |
| local.publication.orgunit2 | Department of Media and Visual Arts | |
| relation.isOrgUnitOfPublication | 483fa792-2b89-4020-9073-eb4f497ee3fd | |
| relation.isOrgUnitOfPublication | 89352e43-bf09-4ef4-82f6-6f9d0174ebae | |
| relation.isOrgUnitOfPublication.latestForDiscovery | 483fa792-2b89-4020-9073-eb4f497ee3fd | |
| relation.isParentOrgUnitOfPublication | 8e756b23-2d4a-4ce8-b1b3-62c794a8c164 | |
| relation.isParentOrgUnitOfPublication | 3f7621e3-0d26-42c2-af64-58a329522794 | |
| relation.isParentOrgUnitOfPublication.latestForDiscovery | 8e756b23-2d4a-4ce8-b1b3-62c794a8c164 |
Files
Original bundle
1 - 1 of 1