Evaluation of Two-Factor Authentication (2FA) TOTP in Higher Education Using Vulnerability Assessment and CIA Triad

##plugins.themes.academic_pro.article.main##

Heru Wijayanto Aripradono
Haeruddin
Kurnia Cantra

Abstract

Vulnerability exploitation in education websites often leads to data breaches, negatively impacting learning activities, notably higher education, which is highly susceptible to such attacks. This research evaluates the effectiveness of two-factor authentication in mitigating exploitability. To analyze issues further, vulnerability assessment tools, such as Burp Suite and ZAP, can explore website vulnerability and the CIA Triad framework (Confidentiality, Integrity, Availability). The analysis revealed three medium-level vulnerabilities and six low-level vulnerabilities; key topics such as CSRF (Cross-Site Request Forgery) and XSS (Cross-Site Scripting), compromise integrity, and MITM (Man-In-The-Middle) attacks threaten Confidentiality, these vulnerabilities indicate non-compliance with CIA Triad, mitigation strategy such are VPN (Virtual Private Network), and WAF (Web Application Firewall) were proposed. While two-factor authentication improves security, additional fixes and optimizations are required for its effective implementation in the education sector.

##plugins.themes.academic_pro.article.details##

How to Cite
Heru Wijayanto Aripradono, Haeruddin, & Kurnia Cantra. (2024). Evaluation of Two-Factor Authentication (2FA) TOTP in Higher Education Using Vulnerability Assessment and CIA Triad. Jurnal E-Komtek (Elektro-Komputer-Teknik), 8(2), 245-254. https://doi.org/10.37339/e-komtek.v8i2.2113