4 research outputs found
2FYSH: two-factor authentication you should have for password replacement
Password has been the most used authentication system these days. However, strong passwords are hard to remember and unique to every account. Unfortunately, even with the strongest passwords, password authentication system can still be breached by some kind of attacks. 2FYSH is two tokens-based authentication protocol designed to replace the password authentication entirely. The two tokens are a mobile phone and an NFC card. By utilizing mobile phones as one of the tokens, 2FYSH is offering third layer of security for users that lock their phone with some kind of security. 2FYSH is secure since it uses public and private key along with challenge-response protocol. 2FYSH protects the user from usual password attacks such as man-in-the-middle attack, phishing, eavesdropping, brute forcing, shoulder surfing, key logging, and verifier leaking. The secure design of 2FYSH has made 90% of the usability test participants to prefer 2FYSH for securing their sensitive information. This fact makes 2FYSH best applied to secure sensitive data needs such as bank accounts and corporate secrets
Perancangan Protokol Two-Factor Authentication Berbasis Token Menggunakan Ponsel Android Dan Kartu Nfc
Dewasa ini, kata sandi telah menjadi sistem otentikasi yang paling banyak
digunakan. Namun, kata sandi yang aman adalah kata sandi yang sulit dihafal dan
unik untuk setiap akun yang dimiliki. Meningkatnya jumlah kepemilikan akun juga
memaksa pengguna harus mengingat banyak kata sandi. Sayangnya, dengan kata
sandi teraman sekalipun, masih terdapat beberapa jenis serangan yang dapat
dilakukan terhadap sistem otentikasi kata sandi.
Didukung dengan maraknya metode pembayaran cashless, penggunaan
teknologi NFC telah menjadi hal yang umum di masyarakat. Produsen smartphone
juga semakin gencar memproduksi smartphone dengan NFC sehingga diperkirakan
64% smartphone di dunia memiliki teknologi NFC pada tahun 2018. Dengan
demikian, penulis yakin bahwa sebagian besar orang akan memiliki dan
menggunakan teknologi NFC dengan semakin intensif di masa yang akan datang.
2fysh (“two factor you should have”) adalah protokol otentikasi berbasis dua
token yaitu smartphone dan kartu NFC. Protokol 2fysh menggunakan skema private
key dan public key dan challenge-response protocol. Dengan menggunakan ponsel
sebagai salah satu token, 2fysh menawarkan pengamanan lapis ketiga bagi
pengguna yang menggunakan pengamanan pada ponselnya.
Desain sistem 2fysh yang aman membuat 90% peserta uji memilih 2fysh
untuk mengamankan akun yang bersifat sensitif dan rahasia sehingga 2fysh paling
cocok untuk digunakan untuk melindungi data perbankan dan rahasia perusahaan
sebagai pengganti kata sandi
2FYSH: two-factor authentication you should have for password replacement
Password has been the most used authentication system these days. However, strong passwords are hard to remember and unique to every account. Unfortunately, even with the strongest passwords, password authentication system can still be breached by some kind of attacks. 2FYSH is two tokens-based authentication protocol designed to replace the password authentication entirely. The two tokens are a mobile phone and an NFC card. By utilizing mobile phones as one of the tokens, 2FYSH is offering third layer of security for users that lock their phone with some kind of security. 2FYSH is secure since it uses public and private key along with challenge-response protocol. 2FYSH protects the user from usual password attacks such as man-in-the-middle attack, phishing, eavesdropping, brute forcing, shoulder surfing, key logging, and verifier leaking. The secure design of 2FYSH has made 90% of the usability test participants to prefer 2FYSH for securing their sensitive information. This fact makes 2FYSH best applied to secure sensitive data needs such as bank accounts and corporate secrets
Analisis dan Implementasi Protokol Otentikasi FIDO U2F
It is known that password itself is not enough for formidable authentication method since it has a lot of vulnerabilities. Multi factor authentication (MFA) is introduced for the next generation for good authentication to address that issue. MFA combines two or more of three principles of good security, “something you know”, “something you have”, and “something you are”. Most MFA mechanisms work as one time passwords (OTP). However, they can still be vulnerable to phishing and MiTM attack. On top of that, OTP can be hard to use as it requires user to input another password given by the device (SMS, token, authenticator). Implemented in small USB U2F device, FIDO U2F delivers easier yet stronger security on authentication process which implements public key cryptography, challenge-response protocol, and phishing and MitM protection