In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
» Openaccess proceedings » Twelfth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2018)
Twelfth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2018)
Title: The Quest to Replace Passwords Revisited – Rating Authentication Schemes
Author(s): Verena Zimmermann, Nina Gerber, Marius Kleboth, Alexandra von Preuschen, Konstantin Schmidt, Peter Mayer
Keywords: Authentication Scheme, Password, Rating, ACCESS
Abstract: Six years ago Bonneau et al. (2012) proposed a framework to comparatively evaluate authentication schemes. They applied their framework to 35 different authentication schemes to identify alternatives to the ubiquitous text password. However, in their work no sole authentication scheme proved to be suitable for every application scenario, hence the quest to replace passwords has not yet been solved. This paper revisits the rating process and describes the application of an extended version of the original framework to an additional 40 authentication schemes identified in a literature review. All schemes were rated in terms of 25 objective features assigned to the three main criteria usability, deployability, and security. The rating process and results are presented along with a discussion of the benefits and pitfalls of the rating process. Our goal thereby is not to claim victory over text passwords, but to help decision makers in identifying suitable authentication schemes for their specific application scenario. The results were also made publicly available in an authentication choice support system named ACCESS to foster the further extension of the knowledge base and future development of the rating process.
Download count: 514
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.