Nanzatov, Aiur (2025) Two-factor authentication in VR using near-range extended reality and smartphones. Masters thesis, Memorial University of Newfoundland.
![[img]](https://research.library.mun.ca/style/images/fileicons/application_pdf.png) |
[English]
PDF
- Accepted Version
Available under License - The author retains copyright ownership and moral rights in this thesis. Neither the thesis nor substantial extracts from it may be printed or otherwise reproduced without the author's permission. Download (18MB) |
Abstract
Modern smartphones have a wide variety of authentication and authorization measures: from drawing a simple pattern to a fingerprint scan system. However, the whole “password” is always contained inside of the device’s memory. In case of information leak, the possible malefactor/attacker has access to the whole password, therefore information security is at risk. Enhancing security measures is essential to develop a robust tool that ensures the safety of both head-mounted devices and smartphones. Users wearing headsets are vulnerable to real-world security threats, such as unauthorized individuals attempting to access their personal information or belongings. Furthermore, the necessity of removing the headset to interact with the smartphone can lead to potential security breaches. Thus, it is crucial to address these vulnerabilities to protect users effectively, both in VR and the immediate environment. This thesis proposes a novel approach to two-step authentication by “splitting” the password authentication process between two independent devices. In this method, one half of the password is displayed on a smartphone screen, while the other half is delivered through a head-mounted device (HMD). This design ensures that only an individual with access to both devices can successfully combine the two halves to form the complete password. The research suggests that this dual-authentication measure could effectively enhance security in systems that utilize both HMDs and smartphones simultaneously. A prototype was developed and tested, enabling users to interact with their smartphone content in a virtual reality (VR) environment. This system facilitates authentication through various challenges, such as CAPTCHA, numeric passwords, or game-like interfaces, requiring users to input specific passwords. Success in these tasks hinges on the effective communication and combination of inputs from both the HMD and smartphone, making it impossible to bypass the authentication process without both devices. The findings of this research are supported by two publications detailing the experiments and user studies conducted on the password-splitting method and the integration of smartphone content into the VR setting.
| Item Type: | Thesis (Masters) |
|---|---|
| URI: | http://research.library.mun.ca/id/eprint/16984 |
| Item ID: | 16984 |
| Additional Information: | Includes bibliographical references (pages 87-100) |
| Keywords: | smartphones and HMDs, phone in VR, virtual reality and human-computer interaction, information security, authentication in VR |
| Department(s): | Engineering and Applied Science, Faculty of |
| Date: | May 2025 |
| Date Type: | Submission |
| Library of Congress Subject Heading: | Smartphones--Security measures; Virtual reality--Security measures; Computer security; Authentication |
Actions (login required)
 |
View Item |
Download statistics
Download statistics