TwoKind authentication: usable authenticators for untrustworthy environments
Proceedings of the 3rd symposium on Usable privacy and security
Users often log in to Internet sites from insecure computers and more recently have started divulging their email passwords to social-networking sites, thereby putting their private communications at risk. We propose and evaluate TwoKind Authentication, a simple and effective technique for limiting access to private information in untrustworthy environments. In its simplest form, TwoKind offers two modes of authentication by providing a low and a high authenticator. By using a low authenticator, users can signal to the server that they are in an untrusted environment, following which the server restricts the user's actions. We seek to evaluate the effectiveness of multiple authenticators in promoting safer behavior in users. We demonstrate the effectiveness of this approach through a user experiment: we find that users make a distinction between the two authenticators and generally behave in a security-conscious way, protecting their high authenticator the majority of the time. Our study suggests that TwoKind will be beneficial to several Internet applications, particularly if the privileges associated with the low authenticator can be customized to a user's security preferences.