1. Field
The disclosed embodiments relate to techniques for performing user authentication. More specifically, the disclosed embodiments relate to techniques for performing device-driven user authentication.
2. Related Art
User accounts and/or resources are commonly accessed through a network-enabled electronic device. For example, a user may use a laptop computer to access data and services provided by an email client, natively installed application, web application, mobile application, and/or operating system. Furthermore, access to a user account and the associated resources is typically only granted after valid authentication credentials are provided by the user. For example, the user may be required to input a valid login and password to an email client before the user is allowed to access his/her email account through the email client. Because such authentication credentials may be used to both identify the user and prevent unauthorized access to the user account, knowledge of the authentication credentials should be restricted to authorized users of the user account.
However, conventional authentication credentials such as passwords may be exposed and/or compromised by attacks that target end users, websites, and/or databases. For example, a user may inadvertently reveal his/her username and password to an attacker by attempting to log in to a phishing website that resembles a legitimate website with which the user has a user account. Usernames, passwords, email addresses, credit card numbers, records, and/or other sensitive or personal information associated with multiple users may also be stolen in an attack that exploits a vulnerability of a database containing the information.
At the same time, users commonly use multiple user accounts and/or electronic devices to access different products, services, data, features, and/or resources associated with the user accounts and/or electronic devices. The users may thus be required to maintain different sets of authentication credentials (e.g., usernames and passwords, answers to security questions, biometric data, etc.) for accessing the user accounts from the electronic devices. Because multiple associations may exist among the user accounts, authentication credentials, and/or electronic devices, the users may find management of the authentication credentials and/or access to the user accounts to be difficult, time-consuming, and/or confusing.
Consequently, user authentication may be facilitated by mechanisms for reducing the complexity and/or security risk associated with the use of passwords and/or other conventional authentication credentials.