CISPA

A Comparative Long-Term Study of Fallback Authentication Schemes

conference contribution
posted on 2024-07-10, 14:03 authored by Leona Lassak, Philipp Markert, Maximilian Golla, Elizabeth Stobert, Markus Dürmuth

Fallback authentication, the process of re-establishing access to an account when the primary authenticator is unavailable, holds critical significance. Approaches range from secondary channels like email and SMS to personal knowledge questions (PKQs) and social authentication. A key difference to primary authentication is that the duration between enrollment and authentication can be much longer, typically months or years. However, few systems have been studied over extended timeframes, making it difficult to know how well these systems truly help users recover their accounts. We also lack meaningful comparisons of schemes as most prior work examined two mechanisms at most. We report the results of a long-term user study of the usability of fallback authentication over 18 months to provide a fair comparison of the four most commonly used fallback authentication methods. We show that users prefer email and SMS-based methods, while mechanisms based on PKQs and trustees lag regarding successful resets and convenience.

Primary Research Area

  • Empirical and Behavioral Security

Name of Conference

International Conference on Human Factors in Computing Systems (CHI)

Page Range

1-19

Publisher

ACM

Open Access Type

  • Hybrid

BibTeX

@conference{Lassak:Markert:Golla:Stobert:Dürmuth:2024,
  title     = "A Comparative Long-Term Study of Fallback Authentication Schemes",
  author    = "Lassak, Leona and Markert, Philipp and Golla, Maximilian and Stobert, Elizabeth and Dürmuth, Markus",
  year      = 2024,
  month     = 5,
  pages     = "1--19",
  publisher = "ACM",
  doi       = "10.1145/3613904.3642889"
}
