Publication Details
Alina Hang, Alexander De Luca, Michael Richter, Matthew Smith, Heinrich Hussmann
Where Have You Been? Using Location-Based Security Questions for Fallback Authentication To appear in the Proceedings of the 11th Symposium on Usable Privacy and Security (SOUPS'15). Ottawa, Kanada, July 22 - 24, 2015. |
|
In this paper, we propose and evaluate the combination of location-based authentication with security questions as a more usable and secure fallback authentication scheme. A four weeks user study with and additional evaluation af- ter six months was conducted to test the feasibility of the concept in the context of long-term fallback authentication. The results show that most users are able to recall the lo- cations to their security questions within a distance of 30 meters, while potential adversaries are bad in guessing the answers even after performing Internet research. After four weeks, our approach yields an accuracy of 95% and reaches, after six months, a value of 92%. In both cases, none of the adversaries were able to attack users successfully. |