MagAuth: Secure and Usable Two-Factor Authentication With Magnetic Wrist Wearables

Yan Zhang, Dianqi Han, Ang Li, Lili Zhang, Tao Li, Yanchao Zhang

Research output: Contribution to journalArticlepeer-review

1 Scopus citations


Secure and usable user authentication is the first line of defense against cyber attacks on smart end-user devices. Advanced hacking techniques pose severe threats to the traditional authentication systems based on the password/PIN/fingerprint. We propose MagAuth, a secure and usable two-factor authentication scheme with commercial off-the-shelf (COTS) wrist wearables with magnetic strap bands to enhance the security and usability of password-based authentication for mobile touchscreen devices. In MagAuth, a user enrolls a self-chosen unlock pattern or touch gesture into his touchscreen device by performing it with the same hand the magnetic wrist wearable is on. The chosen unlock pattern or touch gesture serves as the first authentication factor, and the user's behavioral features manifested in the magnetic field changes during his finger movement correspond to the second factor. The user can unlock his touchscreen device only when both authentication factors can be validated. Comprehensive user experiments confirm the high security and usability of MagAuth. In particular, MagAuth achieves an average true-positive rate up to 96.3 percent and a false-positive rate no larger than 8.4 percent. Moreover, we show that MagAuth is highly resilient to various attacks.

Original languageEnglish (US)
Pages (from-to)311-327
Number of pages17
JournalIEEE Transactions on Mobile Computing
Issue number1
StatePublished - Jan 1 2023


  • Mobile authentication
  • security
  • usability

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Electrical and Electronic Engineering


Dive into the research topics of 'MagAuth: Secure and Usable Two-Factor Authentication With Magnetic Wrist Wearables'. Together they form a unique fingerprint.

Cite this