Abstract by Ken Reese
Comparing the Usability of Two-factor Authentication
Passwords are the dominant form of authentication on the web today. However, many users choose weak passwords and reuse the same password on multiple sites, thus increasing their vulnerability to having their credentials leaked or stolen. Two-factor authentication strengthens existing password authentication schemes against impersonation attacks and makes it more difficult for attackers to reuse stolen credentials on other websites. Despite the added security benefits of two-factor authentication, there are still many open questions about its usability. Many two-factor systems in widespread usage today have not yet been subjected to adequate usability testing. We describe our ongoing research to measure and compare the usability of various two-factor authentication systems.