# Geographical Security Questions for Fallback Authentication

**Authors:** Alaadin Addas, Julie Thorpe, Amirali Salehi-Abari

arXiv: 1907.00998 · 2019-07-03

## TL;DR

This paper introduces Geographical Security Questions (GeoSQ), a fallback authentication system using autobiographical location data, which improves security over traditional methods but needs usability enhancements.

## Contribution

The paper presents GeoSQ, a novel fallback authentication system leveraging autobiographical location data and provides security and usability evaluations through a user study.

## Key findings

- GeoSQ exceeds traditional fallback methods in security.
- Usability, especially login time, can be improved.
- User study involved 36 participants in pairs.

## Abstract

Fallback authentication is the backup authentication method used when the primary authentication method (e.g., passwords, fingerprints, etc.) fails. Currently, widely-deployed fallback authentication methods (e.g., security questions, email resets, and SMS resets) suffer from documented security and usability flaws that threaten the security of accounts. These flaws motivate us to design and study Geographical Security Questions (GeoSQ), a system for fallback authentication. GeoSQ is an Android application that utilizes autobiographical location data for fallback authentication. We performed security and usability analyses of GeoSQ through an in-person two-session lab study (n=36,18 pairs). Our results indicate that GeoSQ exceeds the security of its counterparts, while its usability (specifically login time) has room for improvement.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1907.00998/full.md

## Figures

7 figures with captions in the complete paper: https://tomesphere.com/paper/1907.00998/full.md

## References

45 references — full list in the complete paper: https://tomesphere.com/paper/1907.00998/full.md

---
Source: https://tomesphere.com/paper/1907.00998