Research Article
Resetting Your Password Is Vulnerable: A Security Study of Common SMS-Based Authentication in IoT Device
Table 1
Summary of IoT Apps under testing.
| | Type | Vendor | AndroidApp | UI Model |
| | Watch | ToyCloud | com.watch.www | Single-stage Password Reset | | Lock | Panasonic | com..digitallock | Single-stage Password Reset | | SharingCar | Panda | com..usecar | Single-stage SMS Login | | SharingCar | win-sky | com..drivevi | Single-stage SMS Login | | Router | ximo | com..router | Single-stage Password Reset | | HomeGate | HuiJu | com..devices | Single-stage Password Reset | | Robot | lejurobot | com..zelos | Multi-stage password Reset | | Car Cmera | DUDU | com...laucher | Single-stage Password Reset | | HomeGate | BroadLink | com..rmt | Multi-stage password Reset | | Car | DasAuto | com..faw.vw. | Multi-stage password Reset | | IP Camera | uniview | com..ezview | Multi-stage password Reset | | Car | DongFeng | com..windlink | Single-stage Password Reset |
|
|
