OpenID-enabled browser: towards usable and secure web single sign-on

  • Authors:

  • San-Tsai Sun;Eric Pospisil;Ildar Muslukhov;Nuray Dindar;Kirstie Hawkey;Konstantin Beznosov

  • Affiliations:

  • University of British Columbia, Vancouver, BC, Canada;University of British Columbia, Vancouver, BC, Canada;University of British Columbia, Vancouver, Canada;University of British Columbia, Vancouver, BC, Canada;Dalhousie University, Halifax, NS, Canada;University of British Columbia, Vancouver, BC, Canada

  • Venue:
  • CHI '11 Extended Abstracts on Human Factors in Computing Systems
  • Year:
  • 2011

Quantified Score

Hi-index 0.00

Visualization

Abstract

OpenID is an open and promising Web single sign-on solution; however, the interaction flows provided by OpenID are inconsistent, counter-intuitive, and vulnerable to phishing attacks. In this work, we investigated the challenges web users face when using OpenID for authentication, and designed a phishing-resistant, privacy-preserving browser add-on to provide a consistent and intuitive single sign-on user experience for the average web users.