BluePass: A Mobile Device Assisted Password Manager

Li, Yue and Wang, Haining and Sun, Kun (2018) BluePass: A Mobile Device Assisted Password Manager. EAI Endorsed Transactions on Security and Safety, 5 (17). e3. ISSN 2032-9393

[img]
Preview
Text
eai.10-1-2019.156244.pdf
Available under License Creative Commons Attribution No Derivatives.

Download (1MB) | Preview

Abstract

With the growing number of online accounts a user possesses, managing passwords has been unprecedentedly challenging. Password managers have emerged to help users managing their passwords. However, state-of-the-art cloud based password managers are vulnerable to data breach and a master password becomes a single point of failure. To address these security vulnerabilities, we propose BluePass, a password manager that stores the password vault (i.e., the set of all the encrypted site passwords of a user) locally in a mobile device and a decryption key to the vault in the user computer. BluePass partially inherits the security characteristics of two-factor authentication by requiring both a mobile device and a master password to retrieve and decrypt the site passwords. BluePass leverages short-range nature of Bluetooth to automatically retrieve site passwords and fill the login fields, providing a hand-free user experience.

Item Type: Article
Uncontrolled Keywords: Authentication, Password, Password Manager, Two-factor Authentication
Subjects: H Social Sciences > H Social Sciences (General)
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
QA75 Electronic computers. Computer science
Depositing User: EAI Editor IV
Date Deposited: 26 Mar 2021 13:58
Last Modified: 26 Mar 2021 13:58
URI: https://eprints.eudl.eu/id/eprint/2099

Actions (login required)

View Item View Item