Patterns are based on scientific sources.
| Field | Content |
|---|---|
| Name | Email-Based Identification and Authentication |
| Sources | (Garfinkel, 2005) |
| Synonyms | None |
| Context | Provide a simple, self-service means for people to reset or recover credentials on systems that are less frequently used by leveraging authentication from systems that are more frequently used. |
| Problem | How to establish a user's identity or authorization? |
| Solution | Use the ability to receive email at a pre-determined address to establish one's identity or authorization to modify account parameters. |
| Examples | Source: (Garfinkel, 2005) |
| Implementation | The web site should email a URL with an embedded token to the registered email address; clicking on the URL takes the user to a web page that allows the password to be changed. The URL should expire after a short period of time and should not be usable more than once. Cookies can be used to require that the password be reset on the same browser that asked for the URL to be sent. [Send S/MIME-Signed Email] should be used to decrease vulnerability to phishing attacks. Email-Based Identification and Authentication can even be used with desktop applications that use a password to unlock encrypted data. When the encryption key is created, the user's password is split, and one share, together with a registered email address, is stored with a trusted third party. If the user loses his or her local password, the second share can be sent to the web site, which can send a link to the registered email address that, when clicked, will cause the password to be reassembled and displayed. |
| Consequences | In addition to allowing for easy password reset, Email-Based Identification and Authentication systems make it easy for those who have access to email systems to compromise additional accounts. This risk can be mitigated through the use of challenge questions (Just, 2005). |
| Dependencies | None |
| Relationships | [Leverage Existing Identification] |
| Principles | [Convenience] |
| Guidelines | None |
| Check lists | None |
| Use cases | None |
| Tags | Email-Based Identification and Authentication, Authenticity, Authorization, Accessibility |
| Log history | [12/21/2015]: Added to repository |
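The Implementation row lists four properties the mailed reset link should have: an unguessable embedded token, a short lifetime, single use, and (optionally) binding to the browser that requested it. The following Python sketch is an added illustration of those four checks on the server side; it is not code from Garfinkel's thesis or from the pattern repository. Everything concrete in it is an assumption chosen for the example: a 15-minute lifetime stands in for "a short period of time", `https://example.invalid/reset` is a placeholder site, the request store and password store are in-memory dictionaries, and `outbox` is a list standing in for the mail transport. Only a hash of the token is kept server-side, so a leaked request table does not yield usable links, and the response to a reset request looks the same whether or not the address is registered.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass
from urllib.parse import parse_qs, urlparse

# Assumed value for the pattern's "short period of time": 15 minutes.
TOKEN_TTL_SECONDS = 15 * 60
RESET_BASE_URL = "https://example.invalid/reset"  # placeholder site, not a real service


@dataclass
class ResetRequest:
    email: str
    browser_cookie_hash: str  # hash of the cookie set on the requesting browser
    expires_at: float         # absolute time after which the link is dead
    used: bool = False        # becomes True on the first successful redemption


def _sha256(value: str) -> str:
    return hashlib.sha256(value.encode("utf-8")).hexdigest()


def token_from_url(url: str) -> str:
    """Pull the token out of a mailed reset link (the part the user clicks)."""
    return parse_qs(urlparse(url).query)["token"][0]


class PasswordResetService:
    """Minimal server side of the pattern; `now` is injectable so expiry can be tested."""

    def __init__(self, registered_emails, now=time.time):
        self._registered = set(registered_emails)
        self._requests = {}         # sha256(token) -> ResetRequest; raw tokens are never stored
        self._password_hashes = {}  # email -> (salt, PBKDF2 digest)
        self._now = now
        self.outbox = []            # constructed stand-in for the mail transport

    def request_reset(self, email: str) -> str:
        """User submits an address; returns the cookie value to set on the browser.

        A cookie is returned whether or not the address is registered, and mail
        is queued only when it is, so the response does not reveal which
        addresses exist.
        """
        cookie = secrets.token_urlsafe(32)
        if email in self._registered:
            token = secrets.token_urlsafe(32)
            self._requests[_sha256(token)] = ResetRequest(
                email=email,
                browser_cookie_hash=_sha256(cookie),
                expires_at=self._now() + TOKEN_TTL_SECONDS,
            )
            self.outbox.append((email, f"{RESET_BASE_URL}?token={token}"))
        return cookie

    def redeem(self, token: str, cookie: str, new_password: str) -> bool:
        """User clicks the link. Accept only an unexpired, unused token that is
        presented from the browser that asked for it; otherwise refuse."""
        req = self._requests.get(_sha256(token))
        if req is None or req.used or self._now() > req.expires_at:
            return False
        if not hmac.compare_digest(req.browser_cookie_hash, _sha256(cookie)):
            return False
        req.used = True  # consume the token before touching the credential
        salt = secrets.token_bytes(16)
        self._password_hashes[req.email] = (salt, self._pw_hash(new_password, salt))
        return True

    def verify_password(self, email: str, password: str) -> bool:
        rec = self._password_hashes.get(email)
        if rec is None:
            return False
        salt, digest = rec
        return hmac.compare_digest(digest, self._pw_hash(password, salt))

    @staticmethod
    def _pw_hash(password: str, salt: bytes) -> bytes:
        # Slow, salted hash for the stored credential (PBKDF2 here; scrypt or argon2 also fit).
        return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 200_000)


if __name__ == "__main__":
    svc = PasswordResetService(["alice@example.invalid"])
    cookie = svc.request_reset("alice@example.invalid")
    _, link = svc.outbox[-1]  # in production this arrives in the user's inbox
    print("redeem from same browser:", svc.redeem(token_from_url(link), cookie, "new-passphrase"))
    print("replay of the same link:", svc.redeem(token_from_url(link), cookie, "other"))
```

The browser-binding cookie is what turns a forwarded or intercepted link into a dead end: whoever receives the mail still needs the cookie that was set on the browser that asked for it, which is the mitigation the pattern describes for a reader of the mailbox. Expiry and single use are checked before the cookie so that a replayed or stale link is rejected regardless of origin.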
Garfinkel, S.L., 2005. Design principles and patterns for computer systems that are simultaneously secure and usable (PhD thesis). Massachusetts Institute of Technology.
Just, M., 2005. Designing authentication systems with challenge questions, in: Cranor, L., Garfinkel, S. (Eds.), Security and Usability. O’Reilly.