Skip to main content

Table 1 Authentication methods and their advantages and disadvantages

From: Secure Authentication-Management human-centric Scheme for trusting personal resource information on mobile cloud computing with blockchain

Authentication method Advantages Disadvantages
Knowledge-based authentication [22] Static knowledge-based authentication No need for hardware
Low implementation cost
High user convenience
Less secure than the other authentication methods
Vulnerable to various attacks, such as shoulder surfing attacks and smudge attacks
Dynamic knowledge-based authentication Better security than the static knowledge-based authentication
Questions and answers based on the user’s personal information; no need to set password
Users must memorize their own records because they will not know the questions in advance
Malicious users can access via the exposed personal information of other users
Possession-based authentication [23] Hardware type Better security than the knowledge-based authentication method Users must possess separate hardware, such as a One Time Password (OTP) terminal
If the terminal is lost, it can lead to security threats
Software type Better security than the knowledge-based authentication method
Higher portability and convenience compared to the hardware type of possession-based authentication
High risk of leakage because it is stored in a logical storage medium
Inherence-based authentication [22] (Biometric-based authentication) Based on the user’s physical characteristics Authentication based on various parts of the user’s body, such as face recognition, iris recognition, fingerprint recognition, vein recognition, and heart rate and ECG recognition
High security
High convenience
Difficult to implement and manage
High cost
Data loss due to physical recognition error
Based on the user’s physical behaviors Authentication based on the recognition of the user’s behaviors, including voice, typing rhythm, signature pattern, signature pressure, and user motion
High security
High convenience
Difficult to implement and manage
High cost
Vulnerable to a recorded voice
Difficult to set the recognition tolerance range
Multi-factor authentication [22] Higher security compared to single-factor authentication
Reduced masquerade threat
Vulnerable to man-in-the-middle attacks
Difficult to implement and manage
High cost