2-clickAuth - Optical Challenge-Response Authentication using Mobile Handsets
2011 (English)In: International Journal on Mobile Computing and Multimedia Communications, ISSN 1937-9412, E-ISSN 1937-9404, Vol. 3, no 2, 1-18 p.Article in journal (Refereed) Published
Internet users often have usernames and passwords at multiple web sites. To simplify things, many sites support federated identity management, which enables users to have a single account allowing them to log on to different sites by authenticating to a single identity provider. Most identity providers perform authentication using a username and password. Should these credentials be compromised, all of the user’s accounts become compromised. Therefore a more secure authentication method is desirable. This paper implements 2-clickAuth, a multimedia-based challenge-response solution which uses a web camera and a camera phone for authentication. Two-dimensional barcodes are used for the communication between phone and computer, which allows 2-clickAuth to transfer relatively large amounts of data in a short period of time. 2-clickAuth is more secure than passwords while easy to use and distribute. 2-clickAuth is a viable alternative to passwords in systems where enhanced security is desired, but availability, ease-of-use, and cost cannot be compromised. This paper implements an identity provider in the OpenID federated identity management system that uses 2-clickAuth for authentication, making 2-clickAuth available to all users of sites that support OpenID, including Facebook, Sourceforge, and MySpace.
Place, publisher, year, edition, pages
Hershey, USA: IGI Global , 2011. Vol. 3, no 2, 1-18 p.
Authentication, federated identity management, mobile computing, OpenID, QR code, trusted device
IdentifiersURN: urn:nbn:se:liu:diva-70063DOI: 10.4018/jmcmc.2011040101OAI: oai:DiVA.org:liu-70063DiVA: diva2:435123