Two-factor authentication (2FA) comparison of methods and applications

• Autorzy: Florczak Sebastian , Jasiak Adrian , Szczygieł Izabela

Identyfikatory

DOI

10.5281/zenodo.10050024

• Języki publikacji: EN

Abstrakty

EN

In this document, the investigation delves into the realm of two-factor authentication (2FA), exploring its applications and comparing various methods of implementation. Two-factor authentication, often referred to colloquially as two-step verification, serves to enhance credential security during login processes across platforms such as Facebook and online banking, among others. While 2FA has significantly improved the security of the login and registration processes, it is noteworthy that its adoption tends to be more prevalent among younger individuals. Unfortunately, an increasing number of financial scams target older individuals who may be disinclined to engage with what they perceive as the complexity of multi-step authentication and password confirmation. Subsequent chapters provide a discussion of the various types of two-factor authentication, furnish detailed descriptions, and offer a summary of the benefits and gains achievable through the deployment of 2FA.

Słowa kluczowe

EN

cybersecurity; authentication; two-factor authentication; 2FA

PL

bezpieczeństwo cybernetyczne; uwierzytelnianie; uwierzytelnianie dwuskładnikowe; 2FA

• Wydawca: Patryk Organiściak
• Czasopismo: Advances in Web Development Journal
• Rocznik: 2023
• Tom: Vol. 1
• Strony: 26--45
• Opis fizyczny: Bibliogr. 15 poz., rys., tab.

Twórcy

autor

Florczak Sebastian

• University of Information Technology and Management

autor

Jasiak Adrian

• University of Information Technology and Management

autor

Szczygieł Izabela

• Rzeszow University of Technology, Department of Complex Systems, Poland

Bibliografia

• [1] Aloul, F., Zahidi, S., & El-Hajj, W. (2009). Two factor authentication using mobile phones. 2009 IEEE/ACS International Conference on Computer Systems and Applications, 641–644. doi: 10.1109/AICCSA.2009.5069395
• [2] Schneier, B. (2005). Two-Factor Authentication: Too Little, Too Late. Commun. ACM, 48(4), 136
• [3] Simmons, G. (1988). A survey of information authentication. Proceedings of the IEEE, 76(5), 603-620.
• [4] Ali, G., Ally Dida, M., & Elikana Sam, A. (2020). Two-Factor Authentication Scheme for Mobile Money: A Review of Threat Models and Countermeasures. Future Internet, 12(10), 160. MDPI AG. Retrieved from http://dx.doi.org/10.3390/fi12100160
• [5] Czym właściwie jest uwierzytelnianie dwuskładnikowe?, gdata, https://gdata.pl/przewodnik/czym-wlasciwie-jest-uwierzytelnianie-dwuskladnikowe
• [6] Network Expert, https://networkexpert.pl/cyberbezpieczenstwo/fortigate/metody-uwierzytelniania-wurzadzeniach-fortigate-fortigate-firewall-authentication/
• [7] 2FA Directory, https://2fa.directory/pl/
• [8] Strona Zaufana Trzecia Strona, https://zaufanatrzeciastrona.pl
• [9] Trickbot pushing a 2fa bypass app to bankcustomers in Germany https://securityintelligence.com/posts/trickbot-pushing-a-2fa-bypass-app-to-bankcustomers-in-germany/
• [10] Yubico, https://yubico.com
• [11]Fido2,WebauthnandU2FSupportedSites(FullList),https://buybitcoinworldwide.com/dongle-auth/
• [12] Kunnemann, G. (2013). YubiSecure? Formal Security Analysis Results for the Yubikey and YubiHSM. In Security and Trust Management (pp. 257–272). Springer Berlin Heidelberg
• [13] Bank Millenium, https://www.bankmillennium.pl/przedsiebiorstwa/bankowosc-elektroniczna/bank-winternecie/millenet/bezpieczenstwo/token-sprzetowy-z-czytnikiem
• [14] Two Factor Auth (2FA), https://brainstation.io/cybersecurity/two-factor-auth
• [15] Klucz zabezpieczeń U2F, ING, https://www.ing.pl/wiem/bezpieczenstwo/klucz-zabezpieczen-u2f-jak-to-dziala

Uwagi

Opracowanie rekordu ze środków MEiN, umowa nr SONP/SP/546092/2022 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2022-2023).