Knowledge Based Authentication (KBA): Improving Security and Usability of Umm Al-Qura University’s Students’ Portal

Abstract

User authentication is one of the key steps to have secure digital environments and prevent security threats. Knowledge-based authentication (KBA), in its simplest forms, is the process where users authenticate their identities by having knowledge of a specific secret which confirms their identity (e.g. passwords). Humans have issues with remembering non-meaningful strings. This is why they tend to choose easily predictable passwords in the sense that they mean something to them, thus potentially making attacks easier since an attacker is able to guess such passwords. To overcome this issue, user authentication approaches should find a way to reduce the burden on the users’ memory so they can choose stronger passwords. In other words, a trade-off between the usability needs of the users and the security needs of the system is required. Many empirical studies suggest that human’s memory is better in remembering images than in remembering text. Therefore, a graphical-based authentication approach is proposed in this study as an alternative to the currently used text-based approach in the students’ portal at Umm Al-Qura University. In addition, to increase the security level, this study proposes a second authentication phase which requires the students to answer a set of challenge questions right after authenticating their login with the graphical-based authentication approach. A simulation scenario was used to investigate and evaluate the feasibility of this alternative multiphase authentication approach in improving the security and usability of the students’ portal. Finally, several recommendations were mentioned for further research in this field.