A Novel Authentication Method That Combines Honeytokens and Google Authenticator
Despite the rapid development of technology, computer systems still rely heavily on passwords for security, which can be problematic. Although multi-factor authentication has been introduced, it is not completely effective against more advanced attacks. To address this, this study proposes a new two...
| Main Authors: | , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2023-07-01
|
| Series: | Information |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2078-2489/14/7/386 |
| _version_ | 1827732898638200832 |
|---|---|
| author | Vassilis Papaspirou Maria Papathanasaki Leandros Maglaras Ioanna Kantzavelou Christos Douligeris Mohamed Amine Ferrag Helge Janicke |
| author_facet | Vassilis Papaspirou Maria Papathanasaki Leandros Maglaras Ioanna Kantzavelou Christos Douligeris Mohamed Amine Ferrag Helge Janicke |
| author_sort | Vassilis Papaspirou |
| collection | DOAJ |
| description | Despite the rapid development of technology, computer systems still rely heavily on passwords for security, which can be problematic. Although multi-factor authentication has been introduced, it is not completely effective against more advanced attacks. To address this, this study proposes a new two-factor authentication method that uses honeytokens. Honeytokens and Google Authenticator are combined to create a stronger authentication process. The proposed approach aims to provide additional layers of security and protection to computer systems, increasing their overall security beyond what is currently provided by single-password or standard two-factor authentication methods. The key difference is that the proposed system resembles a two-factor authentication but, in reality, works like a multi-factor authentication system. Multi-factor authentication (MFA) is a security technique that verifies a user’s identity by requiring multiple credentials from distinct categories. These typically include knowledge factors (something the user knows, such as a password or PIN), possession factors (something the user has, such as a mobile phone or security token), and inherence factors (something the user is, such as a biometric characteristic like a fingerprint). This multi-tiered approach significantly enhances protection against potential attacks. We examined and evaluated our system’s robustness against various types of attacks. From the user’s side, the system is as friendly as a two-factor authentication method with an authenticator and is more secure. |
| first_indexed | 2024-03-11T00:58:28Z |
| format | Article |
| id | doaj.art-2e983f98d98d4c68b897671bd0cdb26e |
| institution | Directory Open Access Journal |
| issn | 2078-2489 |
| language | English |
| last_indexed | 2024-03-11T00:58:28Z |
| publishDate | 2023-07-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Information |
| spelling | doaj.art-2e983f98d98d4c68b897671bd0cdb26e2023-11-18T19:46:55ZengMDPI AGInformation2078-24892023-07-0114738610.3390/info14070386A Novel Authentication Method That Combines Honeytokens and Google AuthenticatorVassilis Papaspirou0Maria Papathanasaki1Leandros Maglaras2Ioanna Kantzavelou3Christos Douligeris4Mohamed Amine Ferrag5Helge Janicke6Department of Informatics and Computer Engineering, University of West Attica, 12244 Athens, GreeceDepartment of CS and Telecommunications, University of Thessaly, 35100 Lamia, GreeceSchool of Computing, Edinburgh Napier University, Edinburgh EH10 5DT, UKDepartment of Informatics and Computer Engineering, University of West Attica, 12244 Athens, GreeceDepartment of Informatics, University of Piraeus, 18534 Piraeus, GreeceTechnology Innovation Institute, Masdar City 9639, Abu Dhabi, United Arab EmiratesCyber Security Cooperative Research Centre (CSCRC), Edith Cowan University, Perth, WA 6027, AustraliaDespite the rapid development of technology, computer systems still rely heavily on passwords for security, which can be problematic. Although multi-factor authentication has been introduced, it is not completely effective against more advanced attacks. To address this, this study proposes a new two-factor authentication method that uses honeytokens. Honeytokens and Google Authenticator are combined to create a stronger authentication process. The proposed approach aims to provide additional layers of security and protection to computer systems, increasing their overall security beyond what is currently provided by single-password or standard two-factor authentication methods. The key difference is that the proposed system resembles a two-factor authentication but, in reality, works like a multi-factor authentication system. Multi-factor authentication (MFA) is a security technique that verifies a user’s identity by requiring multiple credentials from distinct categories. These typically include knowledge factors (something the user knows, such as a password or PIN), possession factors (something the user has, such as a mobile phone or security token), and inherence factors (something the user is, such as a biometric characteristic like a fingerprint). This multi-tiered approach significantly enhances protection against potential attacks. We examined and evaluated our system’s robustness against various types of attacks. From the user’s side, the system is as friendly as a two-factor authentication method with an authenticator and is more secure.https://www.mdpi.com/2078-2489/14/7/386honeytokenauthenticationsecurityencryptionthreat modelingtwo-factor authentication |
| spellingShingle | Vassilis Papaspirou Maria Papathanasaki Leandros Maglaras Ioanna Kantzavelou Christos Douligeris Mohamed Amine Ferrag Helge Janicke A Novel Authentication Method That Combines Honeytokens and Google Authenticator Information honeytoken authentication security encryption threat modeling two-factor authentication |
| title | A Novel Authentication Method That Combines Honeytokens and Google Authenticator |
| title_full | A Novel Authentication Method That Combines Honeytokens and Google Authenticator |
| title_fullStr | A Novel Authentication Method That Combines Honeytokens and Google Authenticator |
| title_full_unstemmed | A Novel Authentication Method That Combines Honeytokens and Google Authenticator |
| title_short | A Novel Authentication Method That Combines Honeytokens and Google Authenticator |
| title_sort | novel authentication method that combines honeytokens and google authenticator |
| topic | honeytoken authentication security encryption threat modeling two-factor authentication |
| url | https://www.mdpi.com/2078-2489/14/7/386 |
| work_keys_str_mv | AT vassilispapaspirou anovelauthenticationmethodthatcombineshoneytokensandgoogleauthenticator AT mariapapathanasaki anovelauthenticationmethodthatcombineshoneytokensandgoogleauthenticator AT leandrosmaglaras anovelauthenticationmethodthatcombineshoneytokensandgoogleauthenticator AT ioannakantzavelou anovelauthenticationmethodthatcombineshoneytokensandgoogleauthenticator AT christosdouligeris anovelauthenticationmethodthatcombineshoneytokensandgoogleauthenticator AT mohamedamineferrag anovelauthenticationmethodthatcombineshoneytokensandgoogleauthenticator AT helgejanicke anovelauthenticationmethodthatcombineshoneytokensandgoogleauthenticator AT vassilispapaspirou novelauthenticationmethodthatcombineshoneytokensandgoogleauthenticator AT mariapapathanasaki novelauthenticationmethodthatcombineshoneytokensandgoogleauthenticator AT leandrosmaglaras novelauthenticationmethodthatcombineshoneytokensandgoogleauthenticator AT ioannakantzavelou novelauthenticationmethodthatcombineshoneytokensandgoogleauthenticator AT christosdouligeris novelauthenticationmethodthatcombineshoneytokensandgoogleauthenticator AT mohamedamineferrag novelauthenticationmethodthatcombineshoneytokensandgoogleauthenticator AT helgejanicke novelauthenticationmethodthatcombineshoneytokensandgoogleauthenticator |