The traditional two-factor authentication (2FA) methods primarily rely on the user manually entering a code or token during the authentication process. This can be burdensome and time-consuming, particularly for users who must be authenticated frequently. To tackle this challenge, we present a novel 2FA approach replacing the user's input with decisions made by Machine Learning (ML) that continuously verifies the user's identity with zero effort. Our system exploits unique environmental features associated with the user, such as beacon frame characteristics and Received Signal Strength Indicator (RSSI) values from Wi-Fi Access Points (APs). These features are gathered and analyzed in real-time by our ML algorithm to ascertain the user's identity. For enhanced security, our system mandates that the user's two devices (i.e., a login device and a mobile device) be situated within a predetermined proximity before granting access. This precaution ensures that unauthorized users cannot access sensitive information or systems, even with the correct login credentials. Through experimentation, we have demonstrated our system's effectiveness in determining the location of the user's devices based on beacon frame characteristics and RSSI values, achieving an accuracy of 92.4%. Additionally, we conducted comprehensive security analysis experiments to evaluate the proposed 2FA system's resilience against various cyberattacks. Our findings indicate that the system exhibits robustness and reliability in the face of these threats. The scalability, flexibility, and adaptability of our system render it a promising option for organizations and users seeking a secure and convenient authentication system.

翻译：传统双因素认证（2FA）方法主要依赖用户在认证过程中手动输入验证码或令牌。对于需要频繁认证的用户而言，这种方法既繁琐又耗时。为应对这一挑战，我们提出了一种新型2FA方法，用机器学习（ML）的决策替代用户输入，以零负担方式持续验证用户身份。该系统利用与用户相关的独特环境特征，例如Wi-Fi接入点（AP）的信标帧特征和接收信号强度指示（RSSI）值。这些特征由我们的ML算法实时采集分析，以确定用户身份。为增强安全性，系统要求用户的两台设备（即登录设备和移动设备）处于预设距离范围内方可允许访问。该措施确保即使拥有正确的登录凭证，未授权用户也无法访问敏感信息或系统。通过实验验证，基于信标帧特征和RSSI值，系统在确定用户设备位置方面实现了92.4%的准确率。此外，我们进行了全面的安全分析实验，评估所提2FA系统抵御各类网络攻击的能力。结果表明，该系统在应对这些威胁时展现出鲁棒性和可靠性。系统的可扩展性、灵活性和适应性使其成为追求安全便捷认证机制的组织及用户的理想选择。