Improving Usable Authentication
©2011 Carnegie Mellon University
Slide 2
Problems with Passwords
• People forget passwords
– Special characters, length, change every 4 weeks => wasted time, helpdesk costs
– NYTimes site: 100k readers forget their password; 15% of “new” users are actually old users
– Beverage company: 30% of help desk calls password-related, cost $900k / yr
Slide 4
Passwords Also Don’t Scale Up
• Passwords are fine if you only have a few
• But passwords aren’t scaling as devices and services become pervasive
– Laptop, mobile phone, VPN, email (x2), Wii Fit, WiFi, ATM, PDFs, and dozens of web sites
Slide 5
Coping Mechanisms Cause Problems
• People cope by using weak passwords
– RockYou: the top 20 passwords were used in 2.6% of accounts
• People cope by reusing passwords
– A breach on a social networking site means a breach on your site too
– Ex. HBGary CEO used the same password for email, iPad, Twitter, LinkedIn
Slide 7
Past Work: Use Your Illusion
• Problem:
– Hard to remember passwords
– Picture-based approaches are memorable but easy to guess
• Solution:
– Use blurred pictures to balance security with usability
– User tests have shown high memorability and resistance to guessing
Slide 8
Ongoing Research Projects
• WebTicket
– Cheap printable tokens for a reliable way to log in
• Casual Authentication
– Modulate the level of authentication needed based on the prior probability that it’s me
• Ex. Probability of me in Brazil is very low
• Ex. Probability of me at home is high
Slide 9
WebTicket
• Originated from a discussion of elderly users
– Not only couldn’t remember the password, couldn’t remember what web site to go to
• Not trying to solve authentication for power users
– Gaw and Felten found undergrads had 3.3 passwords for 7.8 accounts
– In our diary study, people had 11.4 accounts and often reused passwords
Slide 10
How WebTicket Works
• Browser plug-in for creating new accounts
– Strong passwords are assigned
– Users do not know their passwords
• Print out ticket
– Ticket is encrypted to work only with specific computer(s)
– QR code: URL, username, password
• To log in, show ticket to webcam
– Can’t fall for phishing attacks
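The ticket life cycle described on this slide, written out as an added example in Go (this is not the WebTicket project's code). It assumes the ticket payload is the JSON triple URL/username/password, that the per-computer binding is AES-256-GCM under a key held by that computer (the "main encryption key" the later slide lists as a weakness), that the base64 string stands in for the printed QR code, and that the plug-in releases the credentials only when the page's scheme and host match the URL inside the ticket, which is the assumed mechanism behind "can't fall for phishing attacks". All names and sample values are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"net/url"
)

type Ticket struct { // what the plug-in encodes in the QR code
	URL      string `json:"url"`
	Username string `json:"user"`
	Password string `json:"pass"`
}

// newStrongPassword returns n random bytes as text; the user never sees it.
func newStrongPassword(n int) (string, error) {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return base64.RawURLEncoding.EncodeToString(b), nil
}

func newGCM(machineKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(machineKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealTicket encrypts and authenticates the ticket with AES-256-GCM under the per-computer key.
func sealTicket(machineKey []byte, t Ticket) (string, error) {
	plain, err := json.Marshal(t)
	if err != nil {
		return "", err
	}
	gcm, err := newGCM(machineKey)
	if err != nil {
		return "", err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	// layout: nonce || ciphertext || GCM tag, base64 in place of the QR image
	return base64.StdEncoding.EncodeToString(gcm.Seal(nonce, nonce, plain, nil)), nil
}

// openTicket reverses sealTicket; a ticket for another computer or a damaged one fails the tag check.
func openTicket(machineKey []byte, encoded string) (Ticket, error) {
	var t Ticket
	raw, err := base64.StdEncoding.DecodeString(encoded)
	if err != nil {
		return t, err
	}
	gcm, err := newGCM(machineKey)
	if err != nil || len(raw) < gcm.NonceSize() {
		return t, fmt.Errorf("unusable key or ticket")
	}
	plain, err := gcm.Open(nil, raw[:gcm.NonceSize()], raw[gcm.NonceSize():], nil)
	if err != nil {
		return t, fmt.Errorf("ticket not issued for this computer, or damaged")
	}
	err = json.Unmarshal(plain, &t)
	return t, err
}

// loginWithTicket models the plug-in after the webcam decoded the QR code: credentials are
// released only when the page's scheme and host equal those in the ticket's URL (assumed
// behaviour), so a look-alike phishing host gets nothing even if the ticket is shown to it.
func loginWithTicket(machineKey []byte, encoded, pageURL string) (Ticket, error) {
	t, err := openTicket(machineKey, encoded)
	if err != nil {
		return Ticket{}, err
	}
	want, errA := url.Parse(t.URL)
	have, errB := url.Parse(pageURL)
	if errA != nil || errB != nil || want.Scheme != have.Scheme || want.Host != have.Host {
		return Ticket{}, fmt.Errorf("ticket is for %s, page is %s: not submitting", t.URL, pageURL)
	}
	return t, nil
}

func main() {
	key := make([]byte, 32) // the per-computer key; where to store it is the open question on the slides
	rand.Read(key)
	pw, _ := newStrongPassword(18)
	enc, _ := sealTicket(key, Ticket{URL: "https://example.com/login", Username: "alice", Password: pw})
	if t, err := loginWithTicket(key, enc, "https://example.com/login"); err == nil {
		fmt.Println("submitting credentials for", t.Username, "to", t.URL)
	}
	_, err := loginWithTicket(key, enc, "https://example.com.evil.test/login")
	fmt.Println("blocked:", err)
}
```

The origin check compares scheme and host only, so a path or query string on the real site still matches, while a downgrade to http or a look-alike host is refused; the GCM tag check is what makes a ticket printed for another computer useless, which is the property the study's phishing condition relied on ("data still encrypted").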
Slide 12
WebTicket
• Design:
– Very cheap (paper + printer + webcam)
– Compatible with existing systems
– Easy to deploy
– Easy to teach: treat it like a house key
• Weaknesses:
– Not meant for commonly used passwords
– Tickets can get damaged or lost
– Need to store the main encryption key
Slide 15
WebTicket Study Results
• 1/4 of people using passwords could not log in again a week later
– Didn’t restrict what passwords people used
• Login time for WebTicket slower at first, faster a week later
• WebTicket perceived as easier and faster
• Simulated phishing attack
– All in the password condition fell for it
– 30% of people using WebTicket did (though the data was still encrypted)
Slide 17
Ongoing Work
• Can encode more data in the ticket
– QR Codes can hold 3k of data
– Ex. “Login only if in CyLab office or home”
– Ex. “Login only if parents at home”
– Ex. “Login only if between 5-8pm”
– Ex. “Notify parents when you login”
– Ex. Include face biometric data
• Field deployment of WebTicket
Slide 18
Casual Authentication
• Observation:
– The level of authentication needed is the same regardless of context
• Idea:
– Use commodity sensors + behavioral analysis to estimate prior probabilities (cheap multi-factor authentication)
– Modulate the level of authentication needed
• In likely situations, make logins fast
• In unlikely situations, make them reliable
Slide 19
Example Scenarios
• Scenario 1 – Mobile device
– Prior probability of me being in my office is high, so make authentication fast
– Prior probability of me being in Brazil is low, so make authentication reliable
• Scenario 2 – Home
– Wake up in the morning, go to computer
– Weight sensor in chair, height sensor via Kinect, mobile device nearby
– Use face recognition to log in (fast)
Slide 20
Example Passive Factors
• Cheap, invisible, multi-factor
• Examples for mobile scenario
– Location
– IP address
– WiFi MAC address
– Bluetooth / devices nearby (smartphone)
– Tilt (how you hold the device)
• Examples for work/home scenario
– Kinect for height and body shape
– Weight sensors
– Gait (how you walk)
Slide 22
Examples of Location Context
• Personal frequency of visiting that place
– Analysis of 20 people’s GPS locations
– 66.2% of time spent at home
– 20.2% - Work
– 6.3% - Some third place
• Where people log in
– Diary study of 20 people over 2 weeks
– Home accounted for 59.2% of logins
– Work accounted for 25.1% of logins
– Public places, school, other: infrequent
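The casual-authentication idea from slides 18 to 22 (estimate a prior that "it's me" from passive factors, then pick a fast or a reliable login), written out as an added example in Go; this is not the project's code. It treats each passive factor as evidence combined in log-odds space (naive-Bayes style), uses the diary-study login shares from the slide (home 59.2%, work 25.1%) as P(place | me), and fills in everything else with constructed values: the split of the remaining 15.7% between "other" and "unknown" places, the impostor place distribution, the likelihood ratios for known IP, known WiFi and a nearby phone, the 90% base rate, and the two decision thresholds. The Observation type, the level names and the thresholds are assumptions; a deployment would fit the likelihoods from measured data and tune the thresholds against false-accept rates.

```go
package main

import (
	"fmt"
	"math"
)

// AuthLevel is how much the user has to do before the login is accepted.
type AuthLevel int

const (
	LevelPassive           AuthLevel = iota // e.g. face recognition only: fast
	LevelPassword                           // ordinary password
	LevelPasswordPlusToken                  // password plus a second factor: reliable
)

func (l AuthLevel) String() string { return [...]string{"passive", "password", "password+token"}[l] }

// Observation is what the commodity sensors report at login time (constructed shape).
type Observation struct {
	Place       string // "home", "work", "other", "unknown"; anything else counts as unknown
	KnownIP     bool   // IP address seen before for this user
	KnownWiFi   bool   // WiFi access point MAC seen before
	PhoneNearby bool   // the user's paired phone is visible over Bluetooth
}

// likelihood pairs P(evidence | me) with P(evidence | someone else).
type likelihood struct{ me, other float64 }

// Place evidence: the "me" column uses the diary-study login shares from the slide (home 59.2%,
// work 25.1%; the 14.7% / 1.0% split of the rest is assumed). The impostor column is constructed.
var placeLikelihood = map[string]likelihood{
	"home":    {0.592, 0.05},
	"work":    {0.251, 0.15},
	"other":   {0.147, 0.30},
	"unknown": {0.010, 0.50},
}

// factorLR holds P(factor | me) / P(factor | other) when the factor is present and when absent.
type factorLR struct{ present, absent float64 }

var ( // constructed values; each must be measured per factor in a real deployment
	lrKnownIP     = factorLR{5.0, 0.4}
	lrKnownWiFi   = factorLR{4.0, 0.6}
	lrPhoneNearby = factorLR{8.0, 0.3}
)

func (f factorLR) logLR(present bool) float64 {
	if present {
		return math.Log(f.present)
	}
	return math.Log(f.absent)
}

// posteriorProbMe combines the prior with every passive factor in log-odds space,
// treating the factors as independent given the identity (naive Bayes).
func posteriorProbMe(priorMe float64, obs Observation) float64 {
	pl, ok := placeLikelihood[obs.Place]
	if !ok {
		pl = placeLikelihood["unknown"] // never-seen place, e.g. "me in Brazil"
	}
	logOdds := math.Log(priorMe/(1-priorMe)) + math.Log(pl.me/pl.other) +
		lrKnownIP.logLR(obs.KnownIP) + lrKnownWiFi.logLR(obs.KnownWiFi) + lrPhoneNearby.logLR(obs.PhoneNearby)
	odds := math.Exp(logOdds)
	return odds / (1 + odds)
}

// Thresholds trade login speed against false accepts (constructed): the passive level is offered
// only when the evidence leaves 0.5% doubt, and below 90% a second factor is required.
const (
	baseRateMe      = 0.90 // assumed share of login attempts that are legitimate
	passiveMinProb  = 0.995
	passwordMinProb = 0.90
)

// decideAuthLevel is the policy from the slide: likely situation -> fast, unlikely -> reliable.
func decideAuthLevel(obs Observation) (float64, AuthLevel) {
	p := posteriorProbMe(baseRateMe, obs)
	switch {
	case p >= passiveMinProb:
		return p, LevelPassive
	case p >= passwordMinProb:
		return p, LevelPassword
	default:
		return p, LevelPasswordPlusToken
	}
}

func main() {
	for _, obs := range []Observation{
		{Place: "home", KnownIP: true, KnownWiFi: true, PhoneNearby: true}, // morning at the desk
		{Place: "work", KnownIP: true, KnownWiFi: true},                    // office, phone left at home
		{Place: "brazil"},                                                  // unknown place, no known signals
	} {
		p, lvl := decideAuthLevel(obs)
		fmt.Printf("%-8s P(me)=%.4f -> %s\n", obs.Place, p, lvl)
	}
}
```

With these constructed numbers the home case lands above 0.9999 and gets the passive login, the office case without the phone lands near 0.989 and gets a password, and an unseen place with no known signals drops to about 0.013 and gets password plus token; the thresholds, not the model, are where the false-accept rate mentioned on the last slide is set.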
Slide 25
Other Kinds of Location Info
• Personal location info
– Personal frequency
– Mobility
• Place info
– Going beyond behavior analytics of people to include analytics of places
– Churn – same people or different?
– Transience – amount of time spent
– Burst – regularity of people seen
Slide 26
Current Plan of Research
• Systematically evaluate passive factors
• Develop and evaluate threat models
• Techniques for integrating prior probabilities
• Develop and deploy prototypes
– Mobile case
– Work/Home
• Evaluate security and usability
– Ease of use, time to login
– False accept rates, expert analysis