all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Pump Up Password Security! Evaluating and Enhancing Risk-Based Authentication on a Real-World Large-Scale Online Service. (arXiv:2206.15139v2 [cs.CR] UPDATED)

Add to bookmarks
Nov. 11, 2022, 2:20 a.m. | Stephan Wiefling, Paul René Jørgensen, Sigurd Thunem, Luigi Lo Iacono

cs.CR updates on arXiv.org arxiv.org

Risk-based authentication (RBA) aims to protect users against attacks
involving stolen passwords. RBA monitors features during login, and requests
re-authentication when feature values widely differ from previously observed
ones. It is recommended by various national security organizations, and users
perceive it more usable and equally secure than equivalent two-factor
authentication. Despite that, RBA is still only used by very few online
services. Reasons for this include a lack of validated open resources on RBA
properties, implementation, and configuration. This effectively …

authentication large password password security risk risk-based authentication scale security service world

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Shake to Leak: Fine-tuning Diffusion Models Can Amplify the Generative Privacy Risk 8 hours ago | arxiv.org
amplify arxiv can cs.cr +8
Delocate: Detection and Localization for Deepfake Videos with Randomly-Located Tampered Traces 8 hours ago | arxiv.org
address arxiv cs.cr cs.cv +12
Artwork Protection Against Neural Style Transfer Using Locally Adaptive Adversarial Color Attack 8 hours ago | arxiv.org
adversarial artwork arxiv attack +17
Difficulties in Dynamic Analysis of Drone Firmware and Its Solutions 8 hours ago | arxiv.org
advancement analysis applications arxiv +22
Circuit complexity and functionality: a thermodynamic perspective 8 hours ago | arxiv.org
arxiv complexity computation computational +14
On the Two-sided Permutation Inversion Problem 8 hours ago | arxiv.org
access arxiv challenge complexity +10
Versatile Backdoor Attack with Visible, Semantic, Sample-Specific, and Compatible Triggers 8 hours ago | arxiv.org
arxiv attack attacks backdoor +19
Interpretation of Neural Networks is Susceptible to Universal Adversarial Perturbations 8 hours ago | arxiv.org
adversarial algorithms application arxiv +19
Quantum copy-protection of compute-and-compare programs in the quantum random oracle model 8 hours ago | arxiv.org
arxiv can ccc compute +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Penetration Tester

@ Resillion | Bengaluru, India
View on infosec-jobs.com

Senior Backend Software Engineer (Java) - Privacy Engineering (Open to remote across ANZ)

@ Canva | Sydney, Australia
View on infosec-jobs.com

(Senior) Information Security Professional (w/m/d)

@ IONOS | Deutschland - Remote
View on infosec-jobs.com

Information Security (Incident Response) Intern

@ Eurofins | Katowice, Poland
View on infosec-jobs.com

Game Penetration Tester

@ Magic Media | Belgrade, Vojvodina, Serbia - Remote
View on infosec-jobs.com
View more jobs