Security Vulnerabilities of Popular Multifactor Authentication Methods and a Remedy.
Uloženo v:
| Název: | Security Vulnerabilities of Popular Multifactor Authentication Methods and a Remedy. |
|---|---|
| Autoři: | Zhao, Shushan |
| Zdroj: | Journal of Network & Information Security; 2023, Vol. 11 Issue 1, p20-27, 8p |
| Témata: | MULTI-factor authentication, INTERNET service providers, COMPUTER passwords, SECURITY management |
| Abstrakt: | Authentication is of paramount importance for online services. Many online services are still using password as single authentication method, but this is not considered secure any more. Many others have switched to multifactor authentication mechanism. Nowadays many online service providers use One-time Password (OTP) as a supplementary authentication method to verify identity of the user. There are two major methods to generate OTPs: Time-based One-time Password (TOTP) and HMAC-based One-time Password (HOTP). We notice that there are several limitations or weaknesses with both. In this work, we first show some security vulnerabilities of TOTP and HOTP, then we present security improvement methods. We analyze and discuss the security features of proposed solution. The solution is generic to all platforms and operating systems, and our analysis demonstrates that it addresses security vulnerabilities of them. [ABSTRACT FROM AUTHOR] |
| Copyright of Journal of Network & Information Security is the property of Publishing India Group and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) | |
| Databáze: | Complementary Index |
Nájsť tento článok vo Web of Science Buďte první, kdo okomentuje tento záznam!