Audiouth: Multi-factor Authentication Based on Audio Signal

Despite its popularity, password-based authentication has several crucial security problems. The multi-factor authentication system has risen as a popular alternative method to improve password security by applying additional authentication factors instead of only password. One of the notable examples is a push-based two-factor authentication (2FA) system that requires the user to confirm their login attempt with a very minimum effort. However, this method also has a disadvantage as users can accidentally press the accept button in their software token. In this work, we propose Audiouth as an additional authentication factor to the push-based 2FA based on physical proximity between the login device and smartphone as the token device. Audiouth using an audio signal to measure the proximity so that it does not require additional user interaction. It is also easily deployed because no extra devices needed and it is compatible with current phones, computers, and browsers. The experiment shows that Audiouth is robust in silent and noisy environments, especially in indoor. Besides, Audiouth can also be used to minimize the co-located attack.