all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Privacy Considerations for Risk-Based Authentication Systems. (arXiv:2301.01505v1 [cs.CR])

Add to bookmarks
Jan. 5, 2023, 2:10 a.m. | Stephan Wiefling, Jan Tolsdorf, Luigi Lo Iacono

cs.CR updates on arXiv.org arxiv.org

Risk-based authentication (RBA) extends authentication mechanisms to make
them more robust against account takeover attacks, such as those using stolen
passwords. RBA is recommended by NIST and NCSC to strengthen password-based
authentication, and is already used by major online services. Also, users
consider RBA to be more usable than two-factor authentication and just as
secure. However, users currently obtain RBA's high security and usability
benefits at the cost of exposing potentially sensitive personal data (e.g., IP
address or browser information). …

account account takeover account takeover attacks attacks authentication benefits cost exposing factor high major ncsc nist online services password passwords privacy risk risk-based authentication security services stolen stolen passwords systems takeover usability

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Differentially private Bayesian tests 1 day, 23 hours ago | arxiv.org
arxiv confidential cornerstone cs.cr +16
On the Learnability of Watermarks for Language Models 1 day, 23 hours ago | arxiv.org
arxiv ask can cs.cl +12
Intriguing Properties of Diffusion Models: An Empirical Study of the Natural Attack Capability in Text-to-Image … 1 day, 23 hours ago | arxiv.org
applications arxiv attack cs.cr +14
On the Reliability of Watermarks for Large Language Models 1 day, 23 hours ago | arxiv.org
arxiv bots cs.cl cs.cr +23
A Watermark for Large Language Models 1 day, 23 hours ago | arxiv.org
arxiv can cs.cl cs.cr +13
Asymmetric Distributed Trust 1 day, 23 hours ago | arxiv.org
abstraction algorithms arxiv can +12
Read Disturbance in High Bandwidth Memory: A Detailed Experimental Study on HBM2 DRAM Chips 1 day, 23 hours ago | arxiv.org
arxiv bandwidth chips cs.ar +5
ABACuS: All-Bank Activation Counters for Scalable and Low Overhead RowHammer Mitigation 1 day, 23 hours ago | arxiv.org
access address area arxiv +17
A Case Study of Large Language Models (ChatGPT and CodeBERT) for Security-Oriented Code Analysis 1 day, 23 hours ago | arxiv.org
analysis arxiv can capabilities +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

DevSecOps Engineer

@ Material Bank | Remote
View on infosec-jobs.com

Instrumentation & Control Engineer - Cyber Security

@ ASSYSTEM | Bridgwater, United Kingdom
View on infosec-jobs.com

Security Consultant

@ Tenable | MD - Columbia - Headquarters
View on infosec-jobs.com

Management Consultant - Cybersecurity - Internship

@ Wavestone | Hong Kong, Hong Kong
View on infosec-jobs.com

TRANSCOM IGC - Cybersecurity Engineer

@ IT Partners, Inc | St. Louis, Missouri, United States
View on infosec-jobs.com

Manager, Security Operations Engineering (EMEA)

@ GitLab | Remote, EMEA
View on infosec-jobs.com
View more jobs