Kuek, En Yee (2025) Phishing-resistant multi factor authentication. Final Year Project, UTAR.
Abstract
The advent of the internet has revolutionized how people connect and interact, but it also brings various severe consequences such as data leakage when weak authentication method is implemented. Two-factor authentication(2FA) is a widely adopted method, yet vulnerabilities have been discovered to bypass it. Traditional 2FA typically combines something a user knows (like a password) with something they have (like a temporary verification code from a physical device). However, this approach is still susceptible to attacks such as phishing attacks, especially Real-Time Phishing(RTP) attack. Location-based multi authentication (MFA) methods have been proposed to mitigate RTP techniques that exploit traditional OTP-based verification. By replacing the OTP mechanism with a geolocation verification step, it add a layer of security to the authentication process. Limitations on previously proposed location-based multi-factor authentication are additional user step for adaptation, mobile-based, and additional costs due to hardware requirements. This paper suggests incorporating location as an extra security layer while maintaining the user-friendliness and seamlessness of existing two-factor authentication methods, thus creating a user-friendly and seamless multifactor authentication solution. The performance of this proposed authentication method is evaluated against various attacks, notably RTP attack.
Actions (login required)
![[img]](http://eprints.utar.edu.my/style/images/fileicons/application_pdf.png)
