English
Related papers

Related papers: Evaluation of Risk-based Re-Authentication Methods

200 papers

Risk-based authentication (RBA) aims to protect users against attacks involving stolen passwords. RBA monitors features during login, and requests re-authentication when feature values widely differ from previously observed ones. It is…

Cryptography and Security · Computer Science 2022-11-11 Stephan Wiefling , Paul René Jørgensen , Sigurd Thunem , Luigi Lo Iacono

Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. RBA monitors additional features during login, and when observed feature values differ significantly from previously seen ones,…

Cryptography and Security · Computer Science 2020-10-02 Stephan Wiefling , Markus Dürmuth , Luigi Lo Iacono

Risk-based authentication (RBA) is an adaptive security measure to strengthen password-based authentication. RBA monitors additional implicit features during password entry such as device or geolocation information, and requests additional…

Cryptography and Security · Computer Science 2020-03-18 Stephan Wiefling , Luigi Lo Iacono , Markus Dürmuth

Risk-based authentication (RBA) aims to strengthen password-based authentication rather than replacing it. RBA does this by monitoring and recording additional features during the login process. If feature values at login time differ…

Cryptography and Security · Computer Science 2021-10-26 Stephan Wiefling , Markus Dürmuth , Luigi Lo Iacono

Risk-based authentication (RBA) extends authentication mechanisms to make them more robust against account takeover attacks, such as those using stolen passwords. RBA is recommended by NIST and NCSC to strengthen password-based…

Cryptography and Security · Computer Science 2023-01-05 Stephan Wiefling , Jan Tolsdorf , Luigi Lo Iacono

Risk-based authentication (RBA) aims to protect end-users against attacks involving stolen or otherwise guessed passwords without requiring a second authentication method all the time. Online services typically set limits on what is still…

Cryptography and Security · Computer Science 2023-08-30 Jan-Phillip Makowski , Daniela Pöhn

Risk-based authentication (RBA) is used in online services to protect user accounts from unauthorized takeover. RBA commonly uses contextual features that indicate a suspicious login attempt when the characteristic attributes of the login…

Cryptography and Security · Computer Science 2024-03-19 Andre Büttner , Andreas Thue Pedersen , Stephan Wiefling , Nils Gruschka , Luigi Lo Iacono

Online services have difficulties to replace passwords with more secure user authentication mechanisms, such as Two-Factor Authentication (2FA). This is partly due to the fact that users tend to reject such mechanisms in use cases outside…

Cryptography and Security · Computer Science 2023-03-23 Vincent Unsel , Stephan Wiefling , Nils Gruschka , Luigi Lo Iacono

The proliferation of Internet services has led to an increasing need to protect private data. User authentication serves as a crucial mechanism to ensure data security. Although robust authentication forms the cornerstone of remote service…

Cryptography and Security · Computer Science 2024-12-18 Hamidreza Fereidouni , Abdelhakim Senhaji Hafid , Dimitrios Makrakis , Yaser Baseri

In recent cyber attacks, credential theft has emerged as one of the primary vectors of gaining entry into the system. Once attacker(s) have a foothold in the system, they use various techniques including token manipulation to elevate the…

Cryptography and Security · Computer Science 2022-11-30 Jaimandeep Singh , Chintan Patel , Naveen Kumar Chaudhary

Considering computer systems, security is the major concern with usability. Security policies need to be developed to protect information from unauthorized access. Passwords and secrete codes used between users and information systems for…

Cryptography and Security · Computer Science 2014-02-27 Sharayu A. Aghav , RajneeshKaur Bedi

Multi-Factor Authentication is intended to strengthen the security of password-based authentication by adding another factor, such as hardware tokens or one-time passwords using mobile apps. However, this increased authentication security…

Cryptography and Security · Computer Science 2023-09-20 Sabrina Amft , Sandra Höltervennhoff , Nicolas Huaman , Alexander Krause , Lucy Simko , Yasemin Acar , Sascha Fahl

Balancing robust security with strong privacy guarantees is critical for Risk-Based Adaptive Authentication (RBA), particularly in decentralized settings. Federated Learning (FL) offers a promising solution by enabling collaborative risk…

Cryptography and Security · Computer Science 2025-09-23 Yaser Baseri , Abdelhakim Senhaji Hafid , Dimitrios Makrakis , Hamidreza Fereidouni

This paper investigates how to effectively stop an attacker from using compromised user credentials to gain authorized entry to systems that they are otherwise not authorised to access. The proposed solution extends previous work to move…

Cryptography and Security · Computer Science 2018-01-09 Roy Henha Eyono

Password authentication is a very important system security procedure to gain access to user resources. In the Traditional password authentication methods a server has check the authenticity of the users. In our proposed method users can…

Cryptography and Security · Computer Science 2011-12-13 A. S. N. Chakravarthy , Penmetsa V. Krishna Raja , Prof. P. S. Avadhani

Historically, the implementation of research-based assessments (RBAs) has been a driver of education change within physics and helped motivate adoption of interactive engagement pedagogies. Until recently, RBAs were given to students…

Physics Education · Physics 2022-06-29 Bethany Wilcox , Steven Pollock

One-time login process in conventional authentication systems does not guarantee that the identified user is the actual user throughout the session. However, it is necessary to re-verify the user identity periodically throughout a login…

Cryptography and Security · Computer Science 2018-03-07 Abbas Acar , Hidayet Aksu , A. Selcuk Uluagac , Kemal Akkaya

Credential theft and remote attacks are the most serious threats to user authentication mechanisms. The crux of these problems is that we cannot control such behaviors. However, if a password does not contain user secrets, stealing it is…

Cryptography and Security · Computer Science 2024-06-03 Suyun Borjigin

A behavioral authentication (BA) system uses the behavioral characteristics of users to verify their identity claims. A BA verification algorithm can be constructed by training a neural network (NN) classifier on users' profiles. The…

Information Retrieval · Computer Science 2023-09-26 Md Morshedul Islam , Md Abdur Rafiq

Password updates are a critical account security measure and an essential part of the password lifecycle. Service providers and common security recommendations advise users to update their passwords in response to incidents or as a critical…

Cryptography and Security · Computer Science 2025-11-17 Alexander Krause , Jacques Suray , Lea Schmüser , Marten Oltrogge , Oliver Wiese , Maximilian Golla , Sascha Fahl
‹ Prev 1 2 3 10 Next ›