Exploring mobile proxies for better password authentication

  • Authors: Nitesh Saxena; Jonathan Voris
  • Affiliations: University of Alabama at Birmingham; Columbia University
  • Venue: ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
  • Year: 2012

Abstract

Traditional textual password authentication techniques have numerous well-documented security and usability flaws, yet have seen near-universal deployment due to their desirable efficiency properties. As a result, many users who may prefer alternative authentication approaches are forced to use passwords or PINs on a daily basis due to a lack of control over third-party servers. This work explores the use of a mobile device as a proxy for password management in an attempt to improve remote password authentication without making changes to remote servers. A universal proxy-based authentication framework is presented which allows users to employ a method of their own choice to authenticate locally to their mobile devices (e.g., biometrics or graphical passwords). The framework is also compatible with many communication channels between the mobile proxy and local terminal (e.g., Bluetooth or audio). To demonstrate the practicality of this general framework, a concrete implementation using an "out-of-band" audio channel, called PIN-Audio, is also provided. While existing password management solutions may provide a reasonable level of security for commonplace services, PIN-Audio is recommended for a user-friendly deployment for security-critical applications, such as online banking.