Abstract
Operating system and browser support that comes with the FIDO2 standard and the biometric user verification options increasingly available on smart phones has excited everyone, especially big tech companies, about the passwordless future. Does a dream come true, are we finally totally getting rid of passwords? In this position paper, we argue that although passwordless authentication may be preferable in certain situations, it will be still not possible to eliminate passwords on the web in the foreseeable future. We defend our position with five main reasons, supported either by the results from the recent literature or by our own technical and business experience. We believe our discussion could also serve as a research agenda comprising promising future work directions on (passwordless) user authentication.
Original language | English |
---|---|
Title of host publication | 15th International Conference on Information Security and Cryptography, ISCTURKEY 2022 - Proceedings |
Editors | Ferruh Ozbudak, Seref Sagiroglu, Ali Aydin Selcuk |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 68-73 |
Number of pages | 6 |
ISBN (Electronic) | 9781665456036 |
DOIs | |
Publication status | Published - 2022 |
Event | 15th International Conference on Information Security and Cryptography, ISCTURKEY 2022 - Ankara, Turkey Duration: 19 Oct 2022 → 20 Oct 2022 |
Publication series
Name | 15th International Conference on Information Security and Cryptography, ISCTURKEY 2022 - Proceedings |
---|
Conference
Conference | 15th International Conference on Information Security and Cryptography, ISCTURKEY 2022 |
---|---|
Country/Territory | Turkey |
City | Ankara |
Period | 19/10/22 → 20/10/22 |
Bibliographical note
Publisher Copyright:© 2022 IEEE.
Keywords
- authentication
- passwords
- security
- standards
- usable security