Leveraging Real-Life Facts to Make Random Passwords More Memorable.

User-chosen passwords fail to provide adequate security. Systemassigned random passwords are more secure but suffer from memorability problems. ... In particular, we examine the efficacy of augmenting a system-assigned password scheme based on textual recognition by providing users with verbal cues-real-life facts corresponding to the assigned keywords ... The TextV scheme offers verbal cues (i.e., real-life facts related to the keyword), where cues are shown both at registration and login. ...

doi:10.1007/978-3-319-24177-7_22 fatcat:nvujywhslbhvfiet4s6j5yuk5y

To address this usability-security tension, we argue that systems should assign random passwords but also help with memorization and recall. ... System-assigned passwords provide measurable security but suffer from poor memorability. ... We are thankful to the anonymous reviewers for their thoughtful suggestions in improving the paper. ...

arXiv:1503.02314v1 fatcat:sgway3nmfjhhnnxvafvgpqeade

Instead of remembering passwords, Versipass remembers image cues for graphical passwords. These cues help users to better remember their passwords and to more easily link passwords with accounts. ... We have developed Versipass, a password manager that incorporates key elements of password managers and cued graphical passwords to avoid existing problems of password memorability and associating passwords ... Additionally, we would like to thank Furkan Alaca and Paul van Oorschot for their helpful comments that improved this paper. ...

doi:10.1145/2683467.2683471 dblp:conf/nspw/StobertB14 fatcat:up7iuifd6zefjnbeokurgc2lxy

Marasim is aimed at achieving the security of random images with the memorability of personal images. ... These concepts are retrieved from the tags assigned to the image. We illustrate how a Jigsaw based approach helps to create a portfolio of system-chosen random images to be used for authentication. ... However, in real life, users are unlikely to create three passwords simultaneously and to recall them one after the other. ...

doi:10.1145/1978942.1979322 dblp:conf/chi/KhotSK11 fatcat:biblqbmlpncd3oid3eunptzzpe

This research investigates the role of passwords and passphrases as valid authentication methodologies. ... Specifically, this research dispels earlier work that ignores information-theoretic lessons learned from cognitive and social psychology and psycholinguistics, and extends and enriches the current password ... This fact may be leveraged by an attacker examining a visual authentication system that does not make use of randomized image locations. ...

arXiv:1509.01662v1 fatcat:pzsfibxtyrayhl53jiantcm44i

Since TUIs require users to use their hands in order to interact with the system, there is the possibility for these systems to leverage motor leaning to perform specific tasks. ... To resolve this problem, the benefits of TUIs must be analyzed and matched to an application domain where they hold advantages over more traditional systems. ... Discussion of Password Memorability A system which leverages motor learning may offer its own benefits (e.g. memorability), but at this time it is unknown exactly how memorable the system's passwords are ...

doi:10.1145/2212776.2223842 dblp:conf/chi/MottDPL12 fatcat:75mf5qtwgvhrbmqkch35queqim

Our user study finds that 3DPass has superior memorability versus traditional alphanumeric passwords: 98% vs 83% recall rates after one week. ... Our security analysis of 3DPass demonstrates that 3DPass can exceed the password space of an 8 character alphanumeric password with just 6 choices. ... in similar circumstances in real life". ...

doi:10.4236/ijcns.2017.108b035 fatcat:mj7i2tx2trai7a26munsxouv3q

Open Access

Both children and adults prefer graphical passwords to their existing schemes, but password memorization strategies differ considerably between the two groups. ... Based on our findings, we provide recommendations for designing more child-friendly authentication schemes. ... The scenario was more difficult than would be in a real life situation, e.g., users do not normally have to memorize three different passwords in a very short time frame. ...

arXiv:1610.09743v1 fatcat:mraq33ernbegjm6yfzmcs444me

Starting around 1999, a great many graphical password schemes have been proposed as alternatives to text-based password authentication. ... We then review usability requirements for knowledge-based authentication as they apply to graphical passwords, identify security threats that such systems must address and review known attacks, discuss ... behave more or less securely based entirely on the instructions (which may not reflect a real life scenario). ...

doi:10.1145/2333112.2333114 fatcat:4kdrwtfffvdkrjxcodefwr3awi

In a 1,476-participant online study, we explored the usability of 3-and 4-word systemassigned passphrases in comparison to system-assigned passwords composed of 5 to 6 random characters, and 8-character ... Users tend to create passwords that are easy to guess, while systemassigned passwords tend to be hard to remember. ... Jeyaraman and Topkara suggest randomly generating a lower-case password and then automatically creating a mnemonic for that random password in order to make system-assigned passwords more memorable [26 ...

doi:10.1145/2335356.2335366 dblp:conf/soups/ShayKKMUVBCC12 fatcat:dfnnv3jp7baerkb2vz3b4eg3vi

to be authenticated more accurately. ... Also, we have tested our method with almost 6500 users in real world using The Mechanical Turk Developer Sandbox. ... Also, a very special thanks to Mr. Hossein Siadati, for providing us a valuable information in this area. ...

doi:10.5815/ijcnis.2014.07.02 fatcat:evkemp7apzflfdjtqkdjiytiwm

Open Access

Users choose their trinkets similar to setting a password, and authenticate by presenting the same trinket to the camera. The fact that the object is the trinket, is secret to the user. ... In a user study with 42 participants over 8 days in 3 sessions we found that Pixie outperforms text based passwords on memorability, speed, and user preference. ... Pixie is perceived easier, more memorable and faster than text passwords for login and the perceived advantage is not due to random choice. ...

doi:10.1145/3131904 fatcat:oyuh3wmtfrhd7gjxiczp7apneu

Multiple Versions

SemanticLock uses a set of graphical images as password tokens that construct a semantically memorable story representing the user's password. ... Semantic Lock has a high resistance to smudge attacks and it equally exhibits a higher level of memorability due to its graphical paradigm. ... The massive disclosure of millions of real-life user passwords in hacked password databases [8] , [28] , [43] from several websites such as RockYou, Yahoo, Hotmail, Flirtlife and Computerbits, exposed ...

arXiv:1806.11361v3 fatcat:bywnfdyo2jhgnlantq3fpfcnjm

Multiple Versions

First, we performed a field study over two months, in which users in a real-world setting remembered their location-passwords 96% of the time and showed improvement with more login sessions. ... Their study showed very high memorability (97%) and satisfactory resilience against online guessing, which means that GeoPass has compelling features for real-world use. ... current state and identified the issues that need to be addressed in future research for wide-scale deployment of digital-mapbased authentication schemes. X. ...

arXiv:1408.2852v1 fatcat:zrwnrojrhbczhcdi3x4ihr4aym

For example, memorable user-chosen text passwords are predictable, but random system-assigned passwords are difficult to remember. ... Graphical passwords have been proposed to address known problems with traditional text passwords. ... In real life, it is extremely unlikely that a user would create six passwords in a row, then not see them again for two weeks, until they tried to log into all six accounts. ...

doi:10.1145/1920261.1920273 dblp:conf/acsac/StobertFCOB10 fatcat:mko5mazpenh7zoxt3xw52sk5ea

Leveraging Real-Life Facts to Make Random Passwords More Memorable [chapter]

Preserved Fulltext

Towards Making Random Passwords Memorable: Leveraging Users' Cognitive Ability Through Multiple Cues [article]

Preserved Fulltext

A Password Manager that Doesn't Remember Passwords

Preserved Fulltext

MARASIM

Preserved Fulltext

Tightly-Held and Ephemeral Psychometrics: Password and Passphrase Authentication Utilizing User-Supplied Constructs of Self [article]

Preserved Fulltext

Leveraging motor learning for a tangible password system

Preserved Fulltext

Leveraging 3D Benefits for Authentication

Preserved Fulltext

An Exploration of Graphical Password Authentication for Children [article]

Preserved Fulltext

Graphical passwords

Preserved Fulltext

Correct horse battery staple

Preserved Fulltext

ECCO Mnemonic Authentication—Two-Factor Authentication Method with Ease-of-Use

Preserved Fulltext

Camera Based Two Factor Authentication Through Mobile and Wearable Devices

Preserved Fulltext

SemanticLock: An authentication method for mobile devices using semantically-linked images [article]

Preserved Fulltext

Other Versions

A Comprehensive Study of the GeoPass User Authentication Scheme [article]

Preserved Fulltext

Exploring usability effects of increasing security in click-based graphical passwords

Preserved Fulltext