Related papers: SSH-Passkeys: Leveraging Web Authentication for Pa…
Secure Shell (SSH) protocol requires all implementations to support public key authentication method ("publickey") for authentication purposes, so web applications which provide a SSH client over the web browser need to support "publickey".…
With the rise of sophisticated authentication bypass techniques, passwords are no longer considered a reliable method for securing authentication systems. In recent years, new authentication technologies have shifted from traditional…
The use of passwords and the need to protect passwords are not going away. The majority of websites that require authentication continue to support password authentication. Even high-security applications such as Internet Banking portals,…
Passwords are a fragile, inadequate, and insecure tool for authenticating users, and are especially fraught with problems when used to secure access to network resources and services. In many cases, passwords provide a false sense of…
Passwordless authentication was first tested for seamless and secure merchant payments without the use of passwords or pins. It opened a whole new world of authentications giving up the former reliance on traditional passwords. It relied on…
The SSH protocol was designed in the late nineties to cope with the security problems of the telnetf family of protocols. It brought authentication and confidentiality to remote access protocols and is now widely used. Almost 30 years after…
The SSH protocol provides secure access to network services, particularly remote terminal login and file transfer within organizational networks and to over 15 million servers on the open internet. SSH uses an authenticated key exchange to…
Passwords are undoubtedly the most dominant user authentication mechanism on the web today. Although they are inexpensive and easy-to-use, security concerns of password-based authentication are serious. Phishing and theft of password…
Passkeys have recently emerged as a passwordless authentication mechanism, yet their usability in captive portals remains unexplored. This paper presents an empirical, comparative usability study of passkeys and passwords in a Wi-Fi hotspot…
Even though passwordless authentication to online accounts offers greater security and protection from attack, passwords remain prevalent. Passwordless authentication adoption is impacted by the slow adoption of external hardware keys…
The SSH protocol is commonly used to access remote systems on the Internet, as it provides an encrypted and authenticated channel for communication. If upon establishing a new connection, the presented server key is unknown to the client,…
Credential theft and remote attacks are the most serious threats to user authentication mechanisms. The crux of these problems is that we cannot control such behaviors. However, if a password does not contain user secrets, stealing it is…
The majority of current web authentication is built on username/password. Unfortunately, password replacement offers more security, but it is difficult to use and expensive to deploy. In this paper, we propose a new mutual authentication…
APIs (Application Programming Interfaces) or Web Services are the foundational building blocks that enable interconnected systems. However this proliferation of APIs has also introduced security challenges that require systematic and…
The challenge of achieving passwordless user authentication is real given the prevalence of web applications that keep asking passwords. Complicating this issue further, in an enterprise environment, a single sign-on (SSO) service is often…
The advent of end-to-end encrypted (E2EE) messaging and backup services has brought new challenges for usable authentication. Compared to regular web services, the nature of E2EE implies that the provider cannot recover data for users who…
The Smart home possesses the capability of facilitating home services to their users with the systematic advance in The Internet of Things (IoT) and information and communication technologies (ICT) in recent decades. The home service…
Social authentication has been suggested as a usable authentication ceremony to replace manual key authentication in messaging applications. Using social authentication, chat partners authenticate their peers using digital identities…
Password-authenticated identities, where users establish username-password pairs with individual servers and use them later on for authentication, is the most widespread user authentication method over the Internet. Although they are…
This paper presents a novel pre-shared key (PSK) agreement scheme to establish a secure connection between a Wi-Fi client and access point (AP) without prior knowledge of a password. The standard IEEE 802.11 security method, Robust Security…