Reynolds et al., 2018 - Google Patents
A tale of two studies: The best and worst of yubikey usabilityReynolds et al., 2018
View PDF- Document ID
- 1731350266025438258
- Author
- Reynolds J
- Smith T
- Reese K
- Dickinson L
- Ruoti S
- Seamons K
- Publication year
- Publication venue
- 2018 IEEE Symposium on Security and Privacy (SP)
External Links
Snippet
Two-factor authentication (2FA) significantly improves the security of password-based authentication. Recently, there has been increased interest in Universal 2nd Factor (U2F) security keys-small hardware devices that require users to press a button on the security key …
- 238000000034 method 0 abstract description 24
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
- G06F21/35—User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/083—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual entry or exit registers
- G07C9/00007—Access-control involving the use of a pass
- G07C9/00031—Access-control involving the use of a pass in combination with an identity-check of the pass-holder
- G07C9/00071—Access-control involving the use of a pass in combination with an identity-check of the pass-holder by means of personal physical data, e.g. characteristic facial curves, hand geometry, voice spectrum, fingerprints
- G07C9/00087—Access-control involving the use of a pass in combination with an identity-check of the pass-holder by means of personal physical data, e.g. characteristic facial curves, hand geometry, voice spectrum, fingerprints electronically
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual entry or exit registers
- G07C9/00126—Access control not involving the use of a pass
- G07C9/00134—Access control not involving the use of a pass in combination with an identity-check
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Reynolds et al. | A tale of two studies: The best and worst of yubikey usability | |
| Pearman et al. | Why people (don't) use password managers effectively | |
| Farke et al. | {“You} still use the password after {all”}–Exploring {FIDO2} Security Keys in a Small Company | |
| Lyastani et al. | Is FIDO2 the kingslayer of user authentication? A comparative usability study of FIDO2 passwordless authentication | |
| Reese et al. | A usability study of five {two-factor} authentication methods | |
| Das et al. | A qualitative study on usability and acceptability of Yubico security key | |
| Sun et al. | What makes users refuse web single sign-on? An empirical investigation of OpenID | |
| Ruoti et al. | Authentication melee: A usability analysis of seven web authentication systems | |
| Lassak et al. | " It's Stored, Hopefully, on an Encrypted Server'': Mitigating Users' Misconceptions About {FIDO2} Biometric {WebAuthn} | |
| Dosono et al. | {“I’m}{Stuck!”}: A Contextual Inquiry of People with Visual Impairments in Authentication | |
| Chiasson et al. | A Usability Study and Critique of Two Password Managers. | |
| US10911440B2 (en) | Timing array as credentials | |
| Owens et al. | User perceptions of the usability and security of smartphones as {FIDO2} roaming authenticators | |
| Barbosa et al. | UniPass: design and evaluation of a smart device-based password manager for visually impaired users | |
| US10587594B1 (en) | Media based authentication | |
| Das et al. | Non-inclusive online security: older adults' experience with two-factor authentication | |
| Keil et al. | “It’s Just a Lot of Prerequisites”: A User Perception and Usability Analysis of the German ID Card as a FIDO2 Authenticator | |
| Reese | Evaluating the usability of two-factor authentication | |
| McCarney | Password managers: Comparative evaluation, design, implementation and empirical analysis | |
| Suoranta et al. | Logout in single sign-on systems: Problems and solutions | |
| Das et al. | Security mandates are pervasive: An inter-school study on analyzing user authentication behavior | |
| CA2955448C (en) | Using timing of character input to verify password | |
| Whalen et al. | Let the right one in: attestation as a usable {CAPTCHA} alternative | |
| Erinola et al. | “As Usual, I Needed Assistance of a Seeing Person”: Experiences and Challenges of People with Disabilities and Authentication Methods | |
| Smith et al. | " If I could do this, I feel anyone {could:}" The Design and Evaluation of a Secondary Authentication Factor Manager |