Server-side Second Factors

Explore a statistical framework for measuring login attempt validity in this 21-minute conference talk from USENIX Enigma 2016. Delve into the prototype implementation tested on real LinkedIn login data, focusing on IP addresses and browser user agents. Discover how user login history and reputation systems can achieve good accuracy in protecting users, even for new services without labeled account takeover data. Learn how combining this approach with labeled data can further enhance system accuracy. Gain insights from David Freeman, Head of Anti-Abuse Engineering at LinkedIn Corporation, on innovative methods for strengthening server-side second factors in user authentication.