Dimensions:
- Skipping
- Usability (whole set of things that will not be covered in this blog post)
- Targeted attacks / schemes that attempt to improve user-chosen secrets
- Need to carry something that can be stolen? (no systems that have been proposed are vulnerable to this? Maybe passkey on unlocked phones?)
- Third-party schemes (like SSO)
- Linkability (ability for websites to collude and determine that two users are the same)
- Session lifetime (since authentication can last a long time before the user needs to reauthenticate)
- Key space
- storage (resilience to leaks)
- clear vs hash vs public key vs TPM
- resistance to shoulder-surfing
- resistance to eavesdropping on cleartext (so schemes that are replay-resistant)
- resistance to phishing
- explicit consent (passwords / pins)
- User-chosen secrets (the worst)
- Bank PINs and website passwords
- User-chosen secrets supplemented with a code
- TOTP 2FA
- fixed key stored with hash (kind of asymmetric!)
- If password is sufficiently strong, this is secure even if there is a data breach
- fixed key / challenge-response stored in clear (allows for ambiguous input!)
- Great against shoulder-surfing, but the problem is that this is not secure in case of a data breach
- challenge-response with asymmetric key
- Certificate-based auth (secure against eavesdropping and data breaches)
- website-variable authentication (resists phishing)
- PwdHash (POC browser extension)
- Password Managers
- FIDO2 keys
- All rely on the website domain as identified by the browser, which is no worse and usually better than human website identification.
Different existing methods:
- FIDO2 keys are the best because they combine all of these benefits, but they do rely on you maintaining possession of the key
- TOTP codes are not phishing resistant, but they do help with shoulder-surfing
- Push notifications are not phishing resistant. They just have more entropy than a time-based code.
- SMS and email codes are not phishing resistant, and are susceptible to eavesdropping.
- Magic links are phishing resistant! (BUT they only test for possession of the email address, should
use a fixed key and/or a certificate per user and then be signed)
- Shifts security to the email provider / authentication method of the email provider
- Passkeys are just a TPM-based FIDO2 key that communicates with the browser via Bluetooth instead of USB. Passkey = multi-device FIDO key