Security Analysis on Password Authentication System of Web Sites
웹사이트 패스워드 인증 시스템의 보안성 분석

Heekyeong Noh, Changkuk Choi, Minsu Park, Seungjoo Kim
2014 KIPS Transactions on Computer and Communication Systems  
Portal site is not only providing search engine and e-mail service but also various services including blog, news, shopping, and others. The fact that average number of daily login for Korean portal site Naver is reaching 300 million suggests that many people are using portal sites. With the increase in number of users followed by the diversity in types of services provided by portal sites, the attack is also increasing. Most of studies of password authentication is focused on threat and
more » ... measures, however, in this study, we analyse the security threats and security requirement of membership, login, password reset first phase, password reset second phase. Also, we measure security score with common criteria of attack potential. As a result, we compare password authentication system of domestic and abroad portal sites.
doi:10.3745/ktccs.2014.3.12.463 fatcat:ljxmr52k5fgxjhyte4y6gxqqky