Password-less two-factor authentication using scannable barcodes on a mobile device

Author

Grant M. Callant II, Eastern Washington University

Date of Award

Spring 2021

Rights

Access is available to all users

Document Type

Thesis

Degree Name

Master of Science (MS) in Computer Science

Department

Computer Science

Abstract

Currently, passwords are the default method used to authenticate users. As hardware continues to advance in speed, breaking these passwords becomes easier. The traditional solution to this problem is ever increasing password complexity and two-factor authentication. However, users become strained under overly complex login systems and often circumvent them. Two-factor authentication also adds to this complexity and many forms of two-factor authentication are inherently insecure. In answer to these problems, this project proposes a password-less multi-factor authentication system, which leverages the tried-and-proven existing technologies, asymmetric cryptography, digital signatures, and biometric authentication. Simulated user testing shows promising results, suggesting that registration can be completed in just over thirty seconds, and authentication in just over two seconds. An analysis of this project’s possible attack vectors, preventative steps taken, and their solutions in potential future research are also discussed.

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Recommended Citation

Callant II, Grant M., "Password-less two-factor authentication using scannable barcodes on a mobile device" (2021). EWU Masters Thesis Collection. 668.
https://dc.ewu.edu/theses/668