683 Hits in 4.6 sec

Leveraging Real-Life Facts to Make Random Passwords More Memorable [chapter]

Mahdi Nasrullah Al-Ameen, Kanis Fatema, Matthew Wright, Shannon Scielzo
2015 Lecture Notes in Computer Science  
User-chosen passwords fail to provide adequate security. Systemassigned random passwords are more secure but suffer from memorability problems.  ...  In particular, we examine the efficacy of augmenting a system-assigned password scheme based on textual recognition by providing users with verbal cues-real-life facts corresponding to the assigned keywords  ...  The TextV scheme offers verbal cues (i.e., real-life facts related to the keyword), where cues are shown both at registration and login.  ... 
doi:10.1007/978-3-319-24177-7_22 fatcat:nvujywhslbhvfiet4s6j5yuk5y

Towards Making Random Passwords Memorable: Leveraging Users' Cognitive Ability Through Multiple Cues [article]

Mahdi Nasrullah Al-Ameen, Matthew Wright, Shannon Scielzo
2015 arXiv   pre-print
To address this usability-security tension, we argue that systems should assign random passwords but also help with memorization and recall.  ...  System-assigned passwords provide measurable security but suffer from poor memorability.  ...  We are thankful to the anonymous reviewers for their thoughtful suggestions in improving the paper.  ... 
arXiv:1503.02314v1 fatcat:sgway3nmfjhhnnxvafvgpqeade

A Password Manager that Doesn't Remember Passwords

Elizabeth Stobert, Robert Biddle
2014 Proceedings of the 2014 workshop on New Security Paradigms Workshop - NSPW '14  
Instead of remembering passwords, Versipass remembers image cues for graphical passwords. These cues help users to better remember their passwords and to more easily link passwords with accounts.  ...  We have developed Versipass, a password manager that incorporates key elements of password managers and cued graphical passwords to avoid existing problems of password memorability and associating passwords  ...  Additionally, we would like to thank Furkan Alaca and Paul van Oorschot for their helpful comments that improved this paper.  ... 
doi:10.1145/2683467.2683471 dblp:conf/nspw/StobertB14 fatcat:up7iuifd6zefjnbeokurgc2lxy


Rohit Ashok Khot, Kannan Srinathan, Ponnurangam Kumaraguru
2011 Proceedings of the 2011 annual conference on Human factors in computing systems - CHI '11  
Marasim is aimed at achieving the security of random images with the memorability of personal images.  ...  These concepts are retrieved from the tags assigned to the image. We illustrate how a Jigsaw based approach helps to create a portfolio of system-chosen random images to be used for authentication.  ...  However, in real life, users are unlikely to create three passwords simultaneously and to recall them one after the other.  ... 
doi:10.1145/1978942.1979322 dblp:conf/chi/KhotSK11 fatcat:biblqbmlpncd3oid3eunptzzpe

Tightly-Held and Ephemeral Psychometrics: Password and Passphrase Authentication Utilizing User-Supplied Constructs of Self [article]

Christopher S. Pilson
2015 arXiv   pre-print
This research investigates the role of passwords and passphrases as valid authentication methodologies.  ...  Specifically, this research dispels earlier work that ignores information-theoretic lessons learned from cognitive and social psychology and psycholinguistics, and extends and enriches the current password  ...  This fact may be leveraged by an attacker examining a visual authentication system that does not make use of randomized image locations.  ... 
arXiv:1509.01662v1 fatcat:pzsfibxtyrayhl53jiantcm44i

Leveraging motor learning for a tangible password system

Martez Mott, Thomas Donahue, G. Michael Poor, Laura Leventhal
2012 Proceedings of the 2012 ACM annual conference extended abstracts on Human Factors in Computing Systems Extended Abstracts - CHI EA '12  
Since TUIs require users to use their hands in order to interact with the system, there is the possibility for these systems to leverage motor leaning to perform specific tasks.  ...  To resolve this problem, the benefits of TUIs must be analyzed and matched to an application domain where they hold advantages over more traditional systems.  ...  Discussion of Password Memorability A system which leverages motor learning may offer its own benefits (e.g. memorability), but at this time it is unknown exactly how memorable the system's passwords are  ... 
doi:10.1145/2212776.2223842 dblp:conf/chi/MottDPL12 fatcat:75mf5qtwgvhrbmqkch35queqim

Leveraging 3D Benefits for Authentication

Jonathan Gurary, Ye Zhu, Huirong Fu
2017 International Journal of Communications, Network and System Sciences  
Our user study finds that 3DPass has superior memorability versus traditional alphanumeric passwords: 98% vs 83% recall rates after one week.  ...  Our security analysis of 3DPass demonstrates that 3DPass can exceed the password space of an 8 character alphanumeric password with just 6 choices.  ...  in similar circumstances in real life".  ... 
doi:10.4236/ijcns.2017.108b035 fatcat:mj7i2tx2trai7a26munsxouv3q

An Exploration of Graphical Password Authentication for Children [article]

Hala Assal, Ahsan Imran, Sonia Chiasson
2016 arXiv   pre-print
Both children and adults prefer graphical passwords to their existing schemes, but password memorization strategies differ considerably between the two groups.  ...  Based on our findings, we provide recommendations for designing more child-friendly authentication schemes.  ...  The scenario was more difficult than would be in a real life situation, e.g., users do not normally have to memorize three different passwords in a very short time frame.  ... 
arXiv:1610.09743v1 fatcat:mraq33ernbegjm6yfzmcs444me

Graphical passwords

Robert Biddle, Sonia Chiasson, P.C. Van Oorschot
2012 ACM Computing Surveys  
Starting around 1999, a great many graphical password schemes have been proposed as alternatives to text-based password authentication.  ...  We then review usability requirements for knowledge-based authentication as they apply to graphical passwords, identify security threats that such systems must address and review known attacks, discuss  ...  behave more or less securely based entirely on the instructions (which may not reflect a real life scenario).  ... 
doi:10.1145/2333112.2333114 fatcat:4kdrwtfffvdkrjxcodefwr3awi

Correct horse battery staple

Richard Shay, Patrick Gage Kelley, Saranga Komanduri, Michelle L. Mazurek, Blase Ur, Timothy Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor
2012 Proceedings of the Eighth Symposium on Usable Privacy and Security - SOUPS '12  
In a 1,476-participant online study, we explored the usability of 3-and 4-word systemassigned passphrases in comparison to system-assigned passwords composed of 5 to 6 random characters, and 8-character  ...  Users tend to create passwords that are easy to guess, while systemassigned passwords tend to be hard to remember.  ...  Jeyaraman and Topkara suggest randomly generating a lower-case password and then automatically creating a mnemonic for that random password in order to make system-assigned passwords more memorable [26  ... 
doi:10.1145/2335356.2335366 dblp:conf/soups/ShayKKMUVBCC12 fatcat:dfnnv3jp7baerkb2vz3b4eg3vi

ECCO Mnemonic Authentication—Two-Factor Authentication Method with Ease-of-Use

Saman Gerami Moghaddam, Amin Nasiri, Mohsen Sharifi
2014 International Journal of Computer Network and Information Security  
to be authenticated more accurately.  ...  Also, we have tested our method with almost 6500 users in real world using The Mechanical Turk Developer Sandbox.  ...  Also, a very special thanks to Mr. Hossein Siadati, for providing us a valuable information in this area.  ... 
doi:10.5815/ijcnis.2014.07.02 fatcat:evkemp7apzflfdjtqkdjiytiwm

Camera Based Two Factor Authentication Through Mobile and Wearable Devices

Mozhgan Azimpourkivi, Umut Topkara, Bogdan Carbunar
2017 Proceedings of the ACM on Interactive Mobile Wearable and Ubiquitous Technologies  
Users choose their trinkets similar to setting a password, and authenticate by presenting the same trinket to the camera. The fact that the object is the trinket, is secret to the user.  ...  In a user study with 42 participants over 8 days in 3 sessions we found that Pixie outperforms text based passwords on memorability, speed, and user preference.  ...  Pixie is perceived easier, more memorable and faster than text passwords for login and the perceived advantage is not due to random choice.  ... 
doi:10.1145/3131904 fatcat:oyuh3wmtfrhd7gjxiczp7apneu

SemanticLock: An authentication method for mobile devices using semantically-linked images [article]

Ilesanmi Olade and Haining Liang and Charles Fleming
2019 arXiv   pre-print
SemanticLock uses a set of graphical images as password tokens that construct a semantically memorable story representing the user's password.  ...  Semantic Lock has a high resistance to smudge attacks and it equally exhibits a higher level of memorability due to its graphical paradigm.  ...  The massive disclosure of millions of real-life user passwords in hacked password databases [8] , [28] , [43] from several websites such as RockYou, Yahoo, Hotmail, Flirtlife and Computerbits, exposed  ... 
arXiv:1806.11361v3 fatcat:bywnfdyo2jhgnlantq3fpfcnjm

A Comprehensive Study of the GeoPass User Authentication Scheme [article]

Mahdi Nasrullah Al-Ameen The University of Texas at Arlington, Arlington, TX, USA)
2014 arXiv   pre-print
First, we performed a field study over two months, in which users in a real-world setting remembered their location-passwords 96% of the time and showed improvement with more login sessions.  ...  Their study showed very high memorability (97%) and satisfactory resilience against online guessing, which means that GeoPass has compelling features for real-world use.  ...  current state and identified the issues that need to be addressed in future research for wide-scale deployment of digital-mapbased authentication schemes. X.  ... 
arXiv:1408.2852v1 fatcat:zrwnrojrhbczhcdi3x4ihr4aym

Exploring usability effects of increasing security in click-based graphical passwords

Elizabeth Stobert, Alain Forget, Sonia Chiasson, P. C. van Oorschot, Robert Biddle
2010 Proceedings of the 26th Annual Computer Security Applications Conference on - ACSAC '10  
For example, memorable user-chosen text passwords are predictable, but random system-assigned passwords are difficult to remember.  ...  Graphical passwords have been proposed to address known problems with traditional text passwords.  ...  In real life, it is extremely unlikely that a user would create six passwords in a row, then not see them again for two weeks, until they tried to log into all six accounts.  ... 
doi:10.1145/1920261.1920273 dblp:conf/acsac/StobertFCOB10 fatcat:mko5mazpenh7zoxt3xw52sk5ea
« Previous Showing results 1 — 15 out of 683 results