The specification relates to authenticating a log-in request based on location. In particular, the specification relates to authenticating a log-in request based on the location of the log-in request and the location of a user device.
There are a number of email account logins and passwords that are being stolen by keyloggers for account hijacking or takeover to send spam from those accounts. Fraud and unauthorized account use is also on the rise. Imposters or users other than the person that created the account may use systems that require only a login name and a simple password. Due to the increase in fraudulent activities, there is a need to improve authentication of user log-ins.
Systems that only require a username and password are too often compromised and are especially vulnerable given users' tendencies to use the same password for multiple accounts. Even two-level authentication methods that request a piece of personal information, such as the user's school mascot or mother's maiden name are problematic since this information may be publicly available. As a result, improved authentication methods are needed.