—People enjoy the convenience of on-line services, but online environments may bring many risks. In this paper, we discuss how to prevent users’ passwords from being stolen by ...
Ming Lei, Yang Xiao, Susan V. Vrbsky, Chung-Chih L...
We propose BeamAuth, a two-factor web authentication technique where the second factor is a specially crafted bookmark. BeamAuth presents two interesting features: (1) only server...
We propose a scheme that exploits scale to prevent phishing. We show that while stopping phishers from obtaining passwords is very hard, detecting the fact that a password has bee...
Through a variety of means, including a range of browser cache methods and inspecting the color of a visited hyperlink, client-side browser state can be exploited to track users a...
Collin Jackson, Andrew Bortz, Dan Boneh, John C. M...
In spite of the use of standard web security measures (SSL/TLS), users enter sensitive information such as passwords into scam web sites. Such scam sites cause substantial damages...