Improving Security of Two-Factor Authentication Systems
Texas A&M Engineering News, Stephanie Jones, April 14, 2022
An international team of researchers led by Texas A&M University's Nitesh Saxena created new techniques to enhance the security of push notification-based two-factor authentication systems. Saxena said the REPLICATE method better defends against concurrent login attacks. "If a user receives two notifications, the notification that corresponds to the browser's session of the attacker will differ," said Saxena, so "the user should be able to detect that something is amiss and not accept the wrong notification." REPLICATE requires users to approve login attempts by replicating a randomized interaction presenting on the browser session over on the login notification. This will block a concurrency attack, because the validating interaction will diverge from the interaction the attacker must perform. .... '
No comments:
Post a Comment