Publication details

Home Publications Publication details

Authentication based upon secret knowledge and its resilience to impostors
Zekri L, Furnell SM
Advances in Network & Communication Engineering 3, pp30-38, 2006
Can be ordered on-line.
Download links:  Download PDF

This paper presents an assessment made on an alternative to the present password and PIN-based methods of user authentication. In the recent years, many alternative authentication methods emerged, but none of them seems to have been a major breakthrough. Nevertheless, two techniques emerged as potentially efficient: image-based authentication and cognitive question and answer techniques. Even if the viability of these techniques has been proved, little research has assessed the resilience of the methods to impostors. Therefore, an environment has been created to test the robustness of the alternative techniques. The evaluation comprises both a theoretical and a pragmatic analysis to rate the robustness of the methods. The results show that the methods are vulnerable in different ways, with PassImages susceptible to phishing and shoulder surfing, whereas cognitive questions can be targeted via social engineering.

Zekri L, Furnell SM