Abstract by Jonathan Dutson
Help, My Phone’s Been Stolen! Automating Two-factor Setup Using Password Managers
Two-factor authentication (2FA) has become a standard part of securing important online accounts. However, the process of setting up 2FA is different for every site. Setting up 2FA for multiple sites can be an arduous process that discourages 2FA adoption. We propose improving the 2FA setup process by using a password manager to provide automation. Using either browser automation or our newly designed API, users can enroll in 2FA on multiple websites from a single user interface. We hypothesize our system will be faster and more usable than the current process of manual 2FA setup without introducing any new risks to account security.