Autentisering på Internet : En studie och utvärdering av olika metoder för att autentisera användare

Sammanfattning: The goal of the project is to evaluate three different methods of authenticating users on the Internet. These three methods are: login with username and password, two-factor authentication, and Freja eID. The login systems are evaluated in terms of usability, accessibility, security, and complexity. Usability and accessibility refer to how easy these systems are to use for different types of users and how well they work on various types of devices. This is determined through tests with programs and user tests. Security is evaluated through theory about Internet security, and complexity is measured by determining the cyclomatic complexity of the code. This means that the fewer paths there are through a code and the less complex these paths are, the less complex the code is. All code is written in JavaScript. Node.js was used for backend and Vue.js was used for frontend. A website has been constructed to test the login systems where the user can create an account, log in with password or two-factor authentication. In addition, there is a separate page for using the Freja eID's test API. The user tests that have been conducted show that testers preferred to log in with Freja eID and found it difficult to use two-factor authentication. Freja eID and two-factor authentication are considerably more secure than logging in with just a password and a username. In terms of code complexity, Freja eID was the solution that was the least complex and required the least amount of work. This makes Freja eID the solution that is ultimately recommended despite the cost per login. If a more economical alternative is desired, two-factor authentication is recommended.