Skip to content

SecuriCast: Zero-Touch Two-Factor Authentication using WebBluetooth

License

Notifications You must be signed in to change notification settings

mmbuw/securicast

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

SecuriCast: Zero-Touch Two-Factor Authentication using WebBluetooth

Companion repository to the research paper presented at EICS 2019 (https://dl.acm.org/citation.cfm?id=3328225)

Simple username/password logins are widely used on the web, but are susceptible to multiple security issues, such as database leaks, phishing, and password re-use. Two-factor authentication is one way to mitigate these issues, but suffers from low user acceptance due to (perceived) additional effort.

We introduce SecuriCast, a method to provide two-factor authentication using WebBluetooth as a secondary channel between an unmodified web browser and the user's smartphone. Depending on the usage scenario and the desired level of security, no device switch and only minimal additional interaction is required from the user. We analyse SecuriCast based on the framework by Bonneau et al., briefly report on results from a user study with 30 participants demonstrating performance and perceived usability of SecuriCast, and discuss possible attack scenarios and extensions.

Smartwatch running SecuriCast with browser in background

About

SecuriCast: Zero-Touch Two-Factor Authentication using WebBluetooth

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published