Description: Keylogging and phishing attacks can extract user identity
and sensitive account information for unauthorized access to users’ financial
accounts. Most existing or proposed solutions are vulnerable to
session hijacking attacks. We propose a simple approach to counter these
attacks, which cryptographically separates a user’s long-term secret input
from (typically untrusted) client PCs a client PC performs most computations
but has access only to temporary secrets. The user’s long-term
secret (typically short and low-entropy) is input through an independent
personal trusted device such as a cellphone.
- [QQ2004_Source] - QQ2004 imitation of the Server/Client so
- [everrich_gmail] - Phishing: get Gmail s username and passw
- [Source] - Written by VC++6.0 defense phishing brow
- [QQdiaoyu] - Written in easy language to use, QQ phis
File list (Check if you may need any files):
(good)Using a Personal Device to Strengthen Password Authentication from an Untrusted Computer.pdf
Download