BetterAuth: web authentication revisited

Open Webpage

Martin Johns, Sebastian Lekies, Bastian Braun, Benjamin Flesch

Published: 01 Jan 2012, Last Modified: 30 Oct 2024ACSAC 2012EveryoneRevisionsBibTeXCC BY-SA 4.0
Abstract: This paper presents "BetterAuth", an authentication protocol for Web applications. Its design is based on the experiences of two decades with the Web. BetterAuth addresses existing attacks on Web authentication, ranging from network attacks to Cross-site Request Forgery up to Phishing. Furthermore, the protocol can be realized completely in standard JavaScript. This allows Web applications an early adoption, even in a situation with limited browser support.

OpenReview is a long-term project to advance science through improved peer review with legal nonprofit status. We gratefully acknowledge the support of the OpenReview Sponsors. © 2025 OpenReview