A review of Two Factor Authentication Security Challenges in the Cyberspace
Abstract
Today, single-factor authentication, e.g. Passwords, is no longer considered secure on the cyberspace and electronic learning environment. With the advancement of technology, passwords are becoming easier for cyber-attacks to forcibly test and eventually guess passwords or harvest them with technologies such as keystroke loggers. Two factor Authentication (2FA) has been recently introduced to overcome this problem by providing an additional layer of security using secondary means (ownership factor or inherent factor), however, the users of 2FA are still facing challenges such as delays in receiving SMS codes, expiry of codes before use, burden of carrying hardware tokens all the time and in some instances payment for incoming SMS. A review of literature on studies conducted on two factor authentication security issues and challenges is done in this paper. The paper concludes that 2FA has a number of challenges ranging from the cost of manufacturing tokens, maintaining codes, distribution of millions of tokens to users and delays in receiving verification codes. Therefore, based on the findings, the study recommends that other studies be conducted on an alternative multifactor authentication schemes that are easy to use and will protect users in an appropriate manner.
Downloads
References
. Adetoba, Kuyolo, “E-learning security issues and challenges: A review.” Journal of Scientific Research and Studies (2016): vol. 3(5), 96-100.
. Asoke, N., & Tanushree, M. “Issues and Challenges in Two Factor Authentication Algorithms.” International Journal of Latest Trends in Engineering and Technology, ( 2017): 325-327.
. Busold, & Wachsmann. “Smart keys for cyber cars Secure smartphone-based NFC-enabled car immobiliser.” In Proceedings of the 3rd ACM Conference on Data and Application Security and Privacy (2018): 233-242.
. Chiasson, & Bidle. “Helping Users Create Better Passwords.” Is This the Right Approach 3rd Symposium on Usable Privacy and Security? (2013): 60-69.
. Egelman, B. “It’s Not Stealing If You Need It: A panel on the Ethics of Performing Research Using Public Data of Illicit Origin.” Financial Cryptography and Data Security (2016): 34638-3642.
. Emiliano, Honglu &. “A Comparative Usability Study of Two-Factor Authentication.” Two-Factor Authentication. (2018).
. Enarous, & Kadri. “A Survey on Cyber Security Evolution and Threats.” Biometric Authentication Solutions In Biometric Security and Privacy; Springer, ( 2017): 371-411.
. Fadi Alou, & Syed Zahidi. “Multi-Factor Authentication Using Mobile Phones.”
. Fredrik., Niklas &. “Selecting and implementing a two-factor authentication method for a digital assessment platform.” Two-Factor Authentication, (2017): 50-60. dec.
. Gärdekrans, R. "Password Behaviour:." A Study in Cultrual and Gender defferences . skovede. (2017).
. Hay, L. “Wired.” May 2021. https://www.wired.com/story/google-two-factor-authentication-default/.
. Jenkins, J. “Improving Password Cybersecurity Through Inexpensive and Minimally Invasive Means: Detecting and Deterring Password Reuse Through Keystroke-Dynamics Monitoring and Just-in-Time Fear Appeals.” Information Technology for Development. (2017).
. Katta, S. “Two Factor Authentication System using Intervened password and Color Pattern.” International Journal of Scientific & Engineering Research. (2015).
. Kaur, R. “Multi-Factor Authentication: Meaning, Advantages and Disadvantages. Retrieved from: Techthisty.” 25 February 2022. https://www.techthirsty.com/multi-factor-authentication-meaning-advantages-and-disadvantages/.
. Lab, K., “secure list Retrieved from Keyloggers” March 2021. https://securelist.com/keyloggers-how-they-work-and-how-to-detect-them-part-1/36138.
. Mare, S. “A Study of Authentication in Daily Life.” Open access to the Proceedings of the Twelfth Symposium on Usable Privacy and Security (2017).
. Ometov, A. “Multi-Factor Authentication”, Cryptography (2018).
. Sarohi, & Khan. “Graphical Password Authentication Schemes.” Current Status and Key Issues: International Journal of Computer Science Issues ( 2014): 437-443.
. Shyam, K. “Two Factor Authentication System using Intervened password and Color Pattern..” International Journal of Scientific & Engineering Research ( 2017).
. Taneski, V. H. “Password security – No change in 35 years. .” 37th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO (2017).
. Thatha, R. “Computer weekly, Limitations of two-factor authentication (2FA) technology”, June 2015. https://www.computerweekly.com/tip/Limitations-of-two-factor-authentication-2FA-technology.
. Thorpe, S. “SMS for 2FA: What Are Your Security Options?” January 2016. https://authy.com/blog/security-of-sms-for-2fa-what-are-your-options/.