Kohno, TadayoshiTakakuwa, Alex2019-08-142019-08-142019-08-142019Takakuwa_washington_0250E_20372.pdfhttp://hdl.handle.net/1773/44147Thesis (Ph.D.)--University of Washington, 2019Humans have used passwords for access control since ancient times. Upon the advent of the internet, passwords naturally transitioned to the web and have since become the standard mode of web authentication. However, over the last 25 years, password authentication has shown persistent and unavoidable security and usability problems. Many within the computer security industry believe that we can improve the state of the art in both security and usability by utilizing asymmetric challenge-response protocols for authentication. For example, the FIDO Alliance, a group of industry and academic partners working together to bring secure and usable authentication protocols to the web, utilize such asymmetric cryptographic protocols to help strengthen the authentication flow. Nevertheless, despite industry and academic desire to improve web authentication, passwords remain the status quo for users. In this dissertation, I present the landscape of authentication protocols and propose solutions allowing users to upgrade devices and recover from device loss -- two of the remaining technical challenges that prevent modern authentication schemes from supplanting passwords as the dominant method of web authentication.application/pdfen-USnoneAuthenticationPrivacySecurityComputer scienceComputer science and engineeringThesis