
Measuring Adoption of Phishing-Resistant Authentication Methods on the Web

Password-based authentication is widely used online despite numerous shortcomings that enable attackers to take over users’ accounts. Phishing-resistant Fast IDentity Online (FIDO) credentials have therefore been proposed to improve account security and authentication user experience. With the recent introduction of FIDO-based passkeys, industry-leading corporations aim to drive widespread adoption of passwordless authentication to eliminate some of the most common account takeover attacks their users are exposed to. This thesis presents the first iteration of a distributed web crawler measuring the adoption of FIDO-based authentication methods on the web to observe ongoing developments and assess the viability of the promised passwordless future. The feasibility of automatically detecting authentication methods is investigated by analyzing crawled web content. Because today’s web is increasingly client-side rendered, capturing relevant data with traditional scraping methods is challenging. Thus, the traditional approach is compared to the browser-based crawling of dynamic content to optimize the detection rate. The results show that authentication method detection is possible, although there are some limitations regarding accuracy and coverage. Moreover, browser-based crawling is found to significantly increase the detection rate.

Metadata
Author: Martin Bock
URN: urn:nbn:de:bsz:900-opus4-70381
Referee: Walter Kriha, Benjamin Binder
Document Type: Master's Thesis
Language: English
Year of Completion: 2023
Granting Institution: Hochschule der Medien, FB 1: Druck und Medien
Date of final exam: 2023/06/30
Release Date: 2023/10/16
Tag: Adoption; Authentication; FIDO; Passkeys; WebAuthn
GND Keyword: FIDO; WebAuthn; Passkeys; Adoption; Authentication
Page Number: 125
Institutes: FB 1: Druck und Medien
DDC classes: 000 General works, computer science, information science / 000 General works, science / 004 Computer science
Licence (German): Creative Commons - CC BY-NC-ND - Attribution - NonCommercial - NoDerivatives 4.0 International