Volltext-Downloads (blau) und Frontdoor-Views (grau)

Verify It's You: How Users Perceive Risk-based Authentication

  • Risk-based authentication (RBA) is an adaptive security measure to strengthen password-based authentication against account takeover attacks. Our study on 65 participants shows that users find RBA more usable than two-factor authentication equivalents and more secure than password-only authentication. We identify pitfalls and provide guidelines for putting RBA into practice.

Download full text files

Export metadata

Additional Services

Search Google Scholar Check availability


Show usage statistics
Document Type:Article
Author:Stephan WieflingORCiD, Markus Dürmuth, Luigi Lo Iacono
Parent Title (English):IEEE Security & Privacy
First Page:47
Last Page:57
Publishing Institution:Hochschule Bonn-Rhein-Sieg
Date of first publication:2021/05/27
Copyright:© 2021 IEEE. Personal use of this material is permitted.
Funding Information:This research was supported by the Human Centered Systems Security (NERD.NRW) research training group and was sponsored by the state of North Rhine-Westphalia.
Departments, institutes and facilities:Fachbereich Informatik
Institut für Cyber Security & Privacy (ICSP)
Projects:URIA - Usability of Risk-based Implicit Authentication
Dewey Decimal Classification (DDC):0 Informatik, Informationswissenschaft, allgemeine Werke / 00 Informatik, Wissen, Systeme / 005 Computerprogrammierung, Programme, Daten
Entry in this database:2021/05/19
Licence (Multiple languages):License LogoIn Copyright (Urheberrechtsschutz)