FIDO2 the Rescue? Platform vs. Roaming Authentication on Smartphones

February 15, 2023 Β· Entered Twilight Β· πŸ› International Conference on Human Factors in Computing Systems

πŸ’€ TWILIGHT: Eternal Rest
Repo abandoned since publication

Repo contents: CITATION.cff, LICENSE, README.md, babel.config.js, gfx, package.json, public, src, vue.config.js

Authors Leon WΓΌrsching, Florentin Putz, Steffen Haesler, Matthias Hollick arXiv ID 2302.07777 Category cs.CR: Cryptography & Security Cross-listed cs.HC, cs.NI Citations 16 Venue International Conference on Human Factors in Computing Systems Repository https://github.com/seemoo-lab/fido2-the-smartphone Last Checked 1 month ago
Abstract
Modern smartphones support FIDO2 passwordless authentication using either external security keys or internal biometric authentication, but it is unclear whether users appreciate and accept these new forms of web authentication for their own accounts. We present the first lab study (N=87) comparing platform and roaming authentication on smartphones, determining the practical strengths and weaknesses of FIDO2 as perceived by users in a mobile scenario. Most participants were willing to adopt passwordless authentication during our in-person user study, but closer analysis shows that participants prioritize usability, security, and availability differently depending on the account type. We identify remaining adoption barriers that prevent FIDO2 from succeeding password authentication, such as missing support for contemporary usage patterns, including account delegation and usage on multiple clients.
Community shame:
Not yet rated
πŸ“„ View on arXiv 🌐 View on ar5iv πŸ“‘ PDF πŸ’» Repository πŸŽ‰ Report Code Found
Community Contributions

Found the code? Know the venue? Think something is wrong? Let us know!

πŸ“œ Similar Papers

In the same crypt β€” Cryptography & Security