Litcius/Paper detail

More Than Just Good Passwords? A Study on Usability and Security Perceptions of Risk-based Authentication

Stephan Wiefling, Markus Dürmuth, Luigi Lo Iacono

2020Annual Computer Security Applications Conference35 citationsDOIOpen Access PDF

Abstract

Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. RBA monitors additional features during login, and when observed feature values differ significantly from previously seen ones, users have to provide additional authentication factors such as a verification code. RBA has the potential to offer more usable authentication, but the usability and the security perceptions of RBA are not studied well.

Topics & Concepts

UsabilityComputer sciencePasswordComputer securityAuthentication (law)Chip Authentication ProgramLoginLightweight Extensible Authentication ProtocolUSableMulti-factor authenticationChallenge–response authenticationInternet privacyAuthentication protocolWorld Wide WebHuman–computer interactionUser Authentication and Security SystemsPrivacy, Security, and Data ProtectionSpam and Phishing Detection