Seminar Series Archive

Despite all the advancement in authentication schemes, text-based authentication is perhaps still the most common way of user authentication (e.g., textual passwords or personal identification numbers - PINs). However, they suffer from several well-documented security issues caused by the user's poor choices or design inefficiencies influenced by limited human users' capability. To address the issues accompanying current designs, we proposed a password manager and a two-factor authentication scheme built on top of the Device-Enhanced Password Authenticated Key Exchange (DE-PAKE) cryptographic protocol. In this presentation, I introduce the design, implementation and usability evaluation of these schemes that aim to improve the security and usability of password-only authentication systems against offline dictionary attacks, online guessing attacks, and phishing attacks with the aid of a secondary device/service.

Maliheh is a research scientist in the System Security team at Visa Research. Her main research interests are authentication, system security, and user-centered security. She has several publications in top venue security conferences such as CCS and NDSS. She received her Ph.D. in 2018 from the University of Alabama at Birmingham where she was affiliated with the Security and Privacy In Emerging computing and networking Systems (SPIES) research group. She was the recipient of UAB College of Arts and Sciences 2018 Dean's Award and UAB Departmental Outstanding Student Award. She received her Master of Science in Computer Architecture in 2006 from Shahid Beheshti University and her Bachelor of Science degree in Computer Hardware in 2003 from University of Tehran. Prior to perusing a career in science and research, she was an engineer with over 10 years of hands-on experience managing and engineering networking and security projects.


Currently, she is working on improving the security of usable authentication schemes.