Konferenzbeitrag
Evaluating the evaluation criteria for account-recovery procedures in passwordless authentication
Lade...
Volltext URI
Dokumententyp
Text/Conference Paper
Zusatzinformation
Datum
2024
Autor:innen
Zeitschriftentitel
ISSN der Zeitschrift
Bandtitel
Quelle
Verlag
Gesellschaft für Informatik e.V.
Zusammenfassung
Passwordless authentication avoids the weaknesses of password based authentication such as guessable passwords and password reuse. However, when passwordless authentication becomes impossible for the user, e.g. due to loss of the security token, an account recovery method has to be used. Kunke et al. [Ku21] analysed these recovery mechanisms in respect of criteria they extracted from the literature. However, these criteria in the literature were based on researchers’ opinions and were not grounded in practical experience.To achieve this grounding, semi-structured interviews were conducted with practitioners in various industries. These experts were asked to rate the existing criteria and contribute additional criteria if required. The result is a weighted list of criteria that can be used in future to evaluate account recovery procedures.