Security Analysis of Two-Factor Authentication Applications: Vulnerabilities in Data Storage and Management
Pane, Syafrial Fachri; Haq, Dzikri Izzatul; Siregar, M. Amran Hakim
Mobile and Forensics Vol. 7 No. 2 (2025)
Publisher: Universitas Ahmad Dahlan

DOI: 10.12928/mf.v7i2.13312

Abstract

In the digital era, two-factor authentication (2FA) is used as an additional security measure to protect user access to digital services. However, the way 2FA applications store authentication data has potential security vulnerabilities that can be exploited. This study analyzes five popular 2FA applications, namely Google Authenticator, 2FAS, Aegis Authenticator, Okta Verify, and TOTP Authenticator, focusing on how secret keys are stored and the potential exploitation risks. The experiment was conducted in a virtual Android environment using rooted BlueStacks 5. Data acquisition was performed using Media Manager and X-Plore File Manager, followed by data analysis with SQLite Browser and a bypass using PyOTP. The results indicate that some applications store secret keys in plaintext or with weak encryption, making authentication bypass possible by manually generating OTP codes. This study concludes that strengthening data storage security in 2FA applications is crucial to prevent unauthorized exploitation by malicious actors.