English
Related papers

Related papers: Risk-Based Authentication for OpenStack: A Fully F…

200 papers

Risk-based authentication (RBA) aims to protect users against attacks involving stolen passwords. RBA monitors features during login, and requests re-authentication when feature values widely differ from previously observed ones. It is…

Cryptography and Security · Computer Science 2022-11-11 Stephan Wiefling , Paul René Jørgensen , Sigurd Thunem , Luigi Lo Iacono

Risk-based authentication (RBA) aims to protect end-users against attacks involving stolen or otherwise guessed passwords without requiring a second authentication method all the time. Online services typically set limits on what is still…

Cryptography and Security · Computer Science 2023-08-30 Jan-Phillip Makowski , Daniela Pöhn

Risk-based authentication (RBA) extends authentication mechanisms to make them more robust against account takeover attacks, such as those using stolen passwords. RBA is recommended by NIST and NCSC to strengthen password-based…

Cryptography and Security · Computer Science 2023-01-05 Stephan Wiefling , Jan Tolsdorf , Luigi Lo Iacono

Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. RBA monitors additional features during login, and when observed feature values differ significantly from previously seen ones,…

Cryptography and Security · Computer Science 2020-10-02 Stephan Wiefling , Markus Dürmuth , Luigi Lo Iacono

Risk-based Authentication (RBA) is an adaptive security measure that improves the security of password-based authentication by protecting against credential stuffing, password guessing, or phishing attacks. RBA monitors extra features…

Cryptography and Security · Computer Science 2020-09-15 Stephan Wiefling , Tanvi Patil , Markus Dürmuth , Luigi Lo Iacono

Risk-based authentication (RBA) is an adaptive security measure to strengthen password-based authentication. RBA monitors additional implicit features during password entry such as device or geolocation information, and requests additional…

Cryptography and Security · Computer Science 2020-03-18 Stephan Wiefling , Luigi Lo Iacono , Markus Dürmuth

Risk-based authentication (RBA) aims to strengthen password-based authentication rather than replacing it. RBA does this by monitoring and recording additional features during the login process. If feature values at login time differ…

Cryptography and Security · Computer Science 2021-10-26 Stephan Wiefling , Markus Dürmuth , Luigi Lo Iacono

Risk-based authentication (RBA) is used in online services to protect user accounts from unauthorized takeover. RBA commonly uses contextual features that indicate a suspicious login attempt when the characteristic attributes of the login…

Cryptography and Security · Computer Science 2024-03-19 Andre Büttner , Andreas Thue Pedersen , Stephan Wiefling , Nils Gruschka , Luigi Lo Iacono

The proliferation of Internet services has led to an increasing need to protect private data. User authentication serves as a crucial mechanism to ensure data security. Although robust authentication forms the cornerstone of remote service…

Cryptography and Security · Computer Science 2024-12-18 Hamidreza Fereidouni , Abdelhakim Senhaji Hafid , Dimitrios Makrakis , Yaser Baseri

To prevent password breaches and guessing attacks, banks increasingly turn to two-factor authentication (2FA), requiring users to present at least one more factor, such as a one-time password generated by a hardware token or received via…

Cryptography and Security · Computer Science 2015-01-20 Kat Krol , Eleni Philippou , Emiliano De Cristofaro , M. Angela Sasse

Two-factor authentication (2FA) offers several security benefits that security-conscious users might expect from high-value services such as online banks. In this work, we present our preliminary study to develop a scoring scheme to…

Cryptography and Security · Computer Science 2022-02-15 Srivathsan G. Morkonda , AbdelRahman Abdou

In recent cyber attacks, credential theft has emerged as one of the primary vectors of gaining entry into the system. Once attacker(s) have a foothold in the system, they use various techniques including token manipulation to elevate the…

Cryptography and Security · Computer Science 2022-11-30 Jaimandeep Singh , Chintan Patel , Naveen Kumar Chaudhary

The digital age requires strong security measures to protect online activities. Two-Factor Authentication (2FA) has emerged as a critical solution. However, its implementation presents significant challenges, particularly in terms of…

Cryptography and Security · Computer Science 2025-02-18 Alexander Lengert

This paper investigates how to effectively stop an attacker from using compromised user credentials to gain authorized entry to systems that they are otherwise not authorised to access. The proposed solution extends previous work to move…

Cryptography and Security · Computer Science 2018-01-09 Roy Henha Eyono

Attacks targeting several millions of non-internet based application users are on the rise. These applications such as SMS and USSD typically do not benefit from existing multi-factor authentication methods due to the nature of their…

Cryptography and Security · Computer Science 2020-10-16 Andrew Kinai , Fred Otieno , Nelson Bore , Komminist Weldemariam

Security vulnerabilities of traditional single factor authentication has become a major concern for security practitioners and researchers. To mitigate single point failures, new and technologically advanced Multi-Factor Authentication…

Cryptography and Security · Computer Science 2019-08-19 Sanchari Das , Bingxing Wang , Zachary Tingle , L. Jean Camp

This study investigates the effectiveness of multifactor authentication (MFA) in protecting commercial accounts from unauthorized access, with an additional focus on accounts with known credential leaks. We employ the benchmark-multiplier…

Cryptography and Security · Computer Science 2023-05-02 Lucas Augusto Meyer , Sergio Romero , Gabriele Bertoli , Tom Burt , Alex Weinert , Juan Lavista Ferres

Two-factor authentication (2FA) schemes that rely on a combination of knowledge factors (e.g., PIN) and device possession have gained popularity. Some of these schemes remain secure even against strong adversaries that (a) observe the…

Cryptography and Security · Computer Science 2022-08-08 Steven J. Murdoch , Aydin Abadi

To protect users from data breaches and phishing attacks, service providers typically implement two-factor authentication (2FA) to add an extra layer of security against suspicious login attempts. However, since 2FA can sometimes hinder…

Cryptography and Security · Computer Science 2024-11-19 Zhi Wang , Xin Yang , Du Chen , Han Gao , Meiqi Tian , Yan Jia , Wanpeng Li

Traditional single-factor authentication possesses several critical security vulnerabilities due to single-point failure feature. Multi-factor authentication (MFA), intends to enhance security by providing additional verification steps.…

Cryptography and Security · Computer Science 2019-08-19 Sanchari Das , Bingxing Wang , L. Jean Camp
‹ Prev 1 2 3 10 Next ›