More Than Just Good Passwords? A Study on Usability and Security Perceptions of Risk-based Authentication
Stephan Wiefling, Markus Dürmuth, Luigi Lo Iacono
Abstract
Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. RBA monitors additional features during login, and when observed feature values differ significantly from previously seen ones, users have to provide additional authentication factors such as a verification code. RBA has the potential to offer more usable authentication, but the usability and the security perceptions of RBA are not studied well.
Topics & Concepts
UsabilityComputer sciencePasswordComputer securityAuthentication (law)Chip Authentication ProgramLoginLightweight Extensible Authentication ProtocolUSableMulti-factor authenticationChallenge–response authenticationInternet privacyAuthentication protocolWorld Wide WebHuman–computer interactionUser Authentication and Security SystemsPrivacy, Security, and Data ProtectionSpam and Phishing Detection