

Mobile devices are becoming more pervasive and more advanced with respect to their processing power and memory size. Relying on the personalized and trusted nature of such devices, security features can be deployed on them in order to uniquely identify a user to a service provider.

In this paper, we present a strong authentication mechanism that exploits the use of mobile devices to provide a two-factor authentication system. Our approach uses a combination of one-time passwords, as the first authentication factor, and credentials stored on a mobile device, as the second factor, to offer a strong and secure authentication approach. An SMS-based mechanism is implemented as both a backup mechanism for retrieving the password and as a possible means of synchronization. We also present an analysis of the security and usability of this mechanism. The security protocol is analyzed against an adversary model; this evaluation proves that our method is safe against various attacks, most importantly key logging, shoulder surfing, and phishing attacks. Our evaluation of the simulation results shows that, although our technique does add a layer of indirectness that lessens usability, participants were willing to trade off that usability for enhanced security once they became aware of the potential threats when using an untrusted computer.
