Which one of the following authentication mechanisms creates a problem for mobile users?
Click on the arrows to vote for the correct answer
A. B. C. D.A.
Anything based on a fixed IP address would be a problem for mobile users because their location and its associated IP address can change from one timeto the next.Many providers will assign a new IP every time the device would be restarted.For example an insurance adjuster using a laptop to file claims online.
He goes to a different client each time and the address changes every time he connects to the ISP.
NOTE FROM CLEMENT: The term MOBILE in this case is synonymous with Road Warriors where a user is contantly traveling and changing location.
With smartphone today that may not be an issue but it would be an issue for laptops or WIFI tablets.
Within a carrier network the IP will tend to be the same and would change rarely.So this question is more applicable to devices that are not cellular devices but in some cases this issue could affect cellular devices as well.
The following answers are incorrect: mechanism with reusable password.
This is incorrect because reusable password mechanism would not present a problem formobile users.They are the least secure and change only at specific interval.
one-time password mechanism.
This is incorrect because a one-time password mechanism would not present a problem for mobile users.Many are based on a clock and not on the IP address of the user.
challenge response mechanism.
This is incorrect because challenge response mechanism would not present a problem for mobile users.
The correct answer is B. Mechanism with reusable passwords.
Explanation: Mobile users, as the name suggests, are users who are on the move and do not have fixed locations. They may be using different devices or networks to access the resources they need. Thus, they require a mechanism that is flexible and can adapt to different scenarios.
Option A, mechanisms based on IP addresses, may not be suitable for mobile users because they may be using different networks with different IP addresses.
Option C, one-time password mechanism, can be suitable for mobile users as it provides a new password every time they need to authenticate, thus making it difficult for attackers to reuse passwords.
Option D, challenge-response mechanism, can also be suitable for mobile users as it involves the user responding to a challenge posed by the authentication system, which can be done using a mobile device.
Option B, mechanism with reusable passwords, creates a problem for mobile users because they may be using different devices and networks, and if an attacker intercepts their password, they can easily access the resources. Therefore, this mechanism is not suitable for mobile users as it poses a higher security risk.
In summary, option B, mechanism with reusable passwords, creates a problem for mobile users, while the other options can be suitable depending on the specific scenario.