all InfoSec news
Systematic Solutions to Login and Authentication Security: A Dual-Password Login-Authentication Mechanism
April 3, 2024, 4:10 a.m. | Yun Su, Mo Xi
cs.CR updates on arXiv.org arxiv.org
Abstract: Credential theft and remote attacks are the most serious threats to authentication mechanisms. The crux of the problems is that we cannot control such behaviors. However, if a password does not contain user's secrets, stealing it is useless. If unauthorized inputs are disabled, the remote attacks can be invalidated. Thereby, credential secrets and input fields to our accounts can be controlled. Rather than encrypting passwords, we design a dual-password login-authentication mechanism, where a user-selected secret-free …
arxiv attacks authentication authentication security control credential credential theft cs.cr cs.et cs.sy disabled eess.sy inputs login mechanism password problems secrets security serious solutions stealing theft threats unauthorized useless
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Data Privacy Manager m/f/d)
@ Coloplast | Hamburg, HH, DE
Cybersecurity Sr. Manager
@ Eastman | Kingsport, TN, US, 37660
KDN IAM Associate Consultant
@ KPMG India | Hyderabad, Telangana, India
Learning Experience Designer in Cybersecurity (f/m/div.) (Salary: ~113.000 EUR p.a.*)
@ Bosch Group | Stuttgart, Germany
Senior Security Engineer - SIEM
@ Samsara | Remote - US