Author(s)

Varun Dixit^1*, Davinderjit Kaur²

¹Omnissa LLC, Palo Alto, CA, USA.
²MedROAD Lab, University of Alberta, Edmonton, Canada.

The two-factor authentication mechanism is gaining popularity as more people are becoming aware of the need to secure their identities. In the current form, existing 2FA systems are defenseless against phishing attacks. They do not provide any visual indicator to the user to check the website’s validity before logging in during phishing attacks. This exposes the user’s password during the phishing attack. Two-factor authentication needs to be enhanced to provide a mechanism to detect phishing attacks without adding a significant burden on the user. This research paper will propose a novel 2-FA TOTP mechanism to provide a subconscious indicator during a phishing attack. In comparison, the new proposed novel approach provides better security against phishing attack. Lastly, the mathematical analysis is performed to understand the TOTP variance and validate the security considerations against the existing 2FA systems with respect to adversary attack.

Two Factor Authentication, 2FA, Phishing Attack, Fixed 2FA, TOTP, HMAC

Dixit, V. and Kaur, D. (2024) Development of Two-Factor Authentication to Mitigate Phishing Attack. Journal of Software Engineering and Applications, 17, 787-802. doi: 10.4236/jsea.2024.1711043.