SoK: Web Authentication and Recovery in the Age of End-to-End Encryption
Authors: Jenny Blessing (University of Cambridge), Daniel Hugenroth (University of Cambridge), Ross Anderson (University of Cambridge), Alastair Beresford (University of Cambridge)
Volume: 2025
Issue: 3
Pages: 560–589
DOI: https://doi.org/10.56553/popets-2025-0113
Abstract: The advent of end-to-end encryption (E2EE) has brought new challenges for usable authentication and recovery. Unlike a regular web service, an E2EE provider cannot recover data for users who have forgotten their passwords or lost their devices, because it never holds the keys. More robust recovery schemes are therefore required, leading to a plethora of solutions ranging from randomly-generated recovery codes to social authentication. The same problem has spread to new forms of authentication and to legacy web services: passwordless authentication ("passkeys") has become a promising candidate to replace passwords altogether, but is inherently device-bound. However, users expect to be able to log in from multiple devices and to recover their credentials after device loss, prompting providers to sync credentials to cloud storage using E2EE and thereby making contemporary authentication for even non-E2EE services dependent on E2EE. Hence, E2EE authentication quickly becomes relevant not only for a niche group of dedicated E2EE enthusiasts but for the general public using the passwordless authentication techniques promoted by their device vendors. In this paper we systematize existing research literature and industry practice relating to the security, privacy, usability, and recoverability of both end-user authentication to E2EE services and the use of E2EE in securing backend credential databases. We investigate authentication and recovery schemes in all widely-used E2EE web services, analyze syncing protocols for E2EE credential managers, and survey passwordless authentication deployment in the top-300 most popular websites. Finally, we present concrete research directions based on observed gaps between industry deployment and academic literature.
Keywords: authentication, E2EE, web, passwords, passkeys, recovery
Copyright in PoPETs articles is held by their authors. This article is published under a Creative Commons Attribution 4.0 license.
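The recovery-code scheme the abstract mentions, shown as an added example that is not part of the paper or of any provider's implementation: the user receives a random recovery code, a slow KDF turns that code into a wrapping key, and the provider stores only the wrapped master key plus a salt. Because the provider never sees the code, it cannot unwrap the key on the user's behalf, which is precisely why it cannot offer a "forgot password" reset for E2EE data; the only thing it can do is let the user re-wrap under a fresh code. All names here (`WrappedKey`, `wrap_master_key`, `rotate_recovery_code`, the scrypt cost parameters) are assumptions of this example. To stay in the Python standard library the wrap uses scrypt plus an HMAC-SHA256 keystream with encrypt-then-MAC as a stand-in for the AES-GCM or RFC 5649 key wrap a real deployment would use.

```python
"""Recovery-code key wrapping for an E2EE service (added example, not the paper's code).

Provider-side storage: WrappedKey(salt, ciphertext, tag). Without the user-held
recovery code the provider cannot turn that blob back into the master key.
"""
import base64
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional, Tuple

# Assumed scrypt cost; a deployment tunes these against its latency budget.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1


@dataclass(frozen=True)
class WrappedKey:
    """What the provider stores. None of these fields reveal the master key."""
    salt: bytes
    ciphertext: bytes
    tag: bytes


def generate_recovery_code(n_bytes: int = 16) -> str:
    """128 random bits rendered as Base32 in groups of four (e.g. ABCD-EFGH-...)."""
    raw = secrets.token_bytes(n_bytes)
    b32 = base64.b32encode(raw).decode().rstrip("=")
    return "-".join(b32[i:i + 4] for i in range(0, len(b32), 4))


def normalize_code(code: str) -> str:
    """Accept what users actually type: lower case, spaces, missing dashes."""
    return "".join(ch for ch in code.upper() if ch.isalnum())


def _derive_keys(code: str, salt: bytes) -> Tuple[bytes, bytes]:
    """Slow KDF over the normalized code -> (encryption key, MAC key)."""
    dk = hashlib.scrypt(normalize_code(code).encode(), salt=salt,
                        n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=64)
    return dk[:32], dk[32:]


def _keystream(key: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; stand-in for a real AEAD cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def wrap_master_key(master_key: bytes, code: str,
                    salt: Optional[bytes] = None) -> WrappedKey:
    """Encrypt-then-MAC the master key under keys derived from the recovery code."""
    salt = secrets.token_bytes(16) if salt is None else salt
    enc_key, mac_key = _derive_keys(code, salt)
    ct = bytes(a ^ b for a, b in zip(master_key, _keystream(enc_key, len(master_key))))
    tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    return WrappedKey(salt, ct, tag)


def code_matches(blob: WrappedKey, code: str) -> bool:
    """Constant-time check of the MAC; a wrong code fails here, not after decryption."""
    _, mac_key = _derive_keys(code, blob.salt)
    expected = hmac.new(mac_key, blob.salt + blob.ciphertext, hashlib.sha256).digest()
    return hmac.compare_digest(expected, blob.tag)


def unwrap_master_key(blob: WrappedKey, code: str) -> bytes:
    """Recover the master key on a new device; raises if the code is wrong."""
    if not code_matches(blob, code):
        raise ValueError("recovery code does not match this blob")
    enc_key, _ = _derive_keys(code, blob.salt)
    return bytes(a ^ b for a, b in zip(blob.ciphertext,
                                       _keystream(enc_key, len(blob.ciphertext))))


def rotate_recovery_code(blob: WrappedKey, old_code: str) -> Tuple[str, WrappedKey]:
    """Issue a new code: only the wrapper changes, the master key and all user data stay as they are."""
    master_key = unwrap_master_key(blob, old_code)
    new_code = generate_recovery_code()
    return new_code, wrap_master_key(master_key, new_code)


if __name__ == "__main__":
    master = secrets.token_bytes(32)          # constructed sample master key
    code = generate_recovery_code()
    stored = wrap_master_key(master, code)    # this is all the provider keeps
    print("show the user once:", code)
    print("provider sees only:", stored.ciphertext.hex()[:16], "...")
    print("recovered on new device:", unwrap_master_key(stored, code) == master)
    print("wrong code accepted?:", code_matches(stored, "ZZZZ-ZZZZ-ZZZZ-ZZZZ-ZZZZ-ZZZZ-ZZ"))
```

The point a practitioner should take from this: a compromise of the provider's database yields `WrappedKey` blobs whose only protection is the entropy of the code and the scrypt cost, so the code must be genuinely random (128 bits here, not a user-chosen phrase), and losing both the code and every device is unrecoverable by design. Rotation re-wraps the same master key, so it costs nothing beyond one KDF run and does not require re-encrypting user data.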
