5,924 Hits in 6.6 sec

On the ecological validity of a password study

Sascha Fahl, Marian Harbach, Yasemin Acar, Matthew Smith
2013 Proceedings of the Ninth Symposium on Usable Privacy and Security - SOUPS '13  
In this paper, we present a study on the ecological validity of password studies designed specifically to shed light on this issue.  ...  step in judging the impact of ecological validity on password studies.  ...  A STUDY OF STUDYING PASSWORDS Preamble In this paper, we present a study on the ecological validity of a password study to shed some light on this complex topic.  ... 
doi:10.1145/2501604.2501617 dblp:conf/soups/FahlHAS13 fatcat:ohbiyld3ejcbbgdsy7wpl6wphi

The MVP Web-Based Authentication Framework [chapter]

Sonia Chiasson, Chris Deschamps, Elizabeth Stobert, Max Hlywa, Bruna Freitas Machado, Alain Forget, Nicholas Wright, Gerry Chan, Robert Biddle
2012 Lecture Notes in Computer Science  
One application is its use in conducting ecologically valid user studies of authentication schemes under the same experimental conditions.  ...  We introduce MVP and its key characteristics, discuss implementation of several authentication schemes, and report on a user study successfully comparing four schemes.  ...  CONCLUSIONS MVP is a web-based authentication framework which we used for conducting more ecologically valid user studies of authentication schemes.  ... 
doi:10.1007/978-3-642-32946-3_2 fatcat:udkvou5og5fizaw3b6vunsbrve

Usability and strength in click-based graphical passwords

Elizabeth Stobert
2010 Proceedings of the 28th of the international conference extended abstracts on Human factors in computing systems - CHI EA '10  
We investigated the usability of such a graphical password system when its parameters were adjusted to provide security equivalent to (or better than) that of text passwords.  ...  This suggests that the preferred method for adjusting security can be dictated by the constraints of devices and preferences of users.  ...  This work was supported by the Natural Sciences and Engineering Research Council of Canada.  ... 
doi:10.1145/1753846.1754144 dblp:conf/chi/Stobert10 fatcat:2qa765vkovhfnjd2egmrv6aqg4

Graphical Passwords in the Wild

Florian Alt, Stefan Schneegass, Alireza Sahami Shirazi, Mariam Hassib, Andreas Bulling
2015 Proceedings of the 17th International Conference on Human-Computer Interaction with Mobile Devices and Services - MobileHCI '15  
We present the first study to investigate how image-based passwords are used over long periods of time in the real world.  ...  Our analyses are based on data from 2318 unique devices collected over more than one year using a custom application released in the Android Play store.  ...  ACKNOWLEDGEMENTS We thank Frank Steimle for his help with maintaining the SmudgeSafe application for the duration of the study.  ... 
doi:10.1145/2785830.2785882 dblp:conf/mhci/AltSSHB15 fatcat:wmczyiapg5cbbnzvp7dz2o2rtq

Graphical passwords

Robert Biddle, Sonia Chiasson, P.C. Van Oorschot
2012 ACM Computing Surveys  
We provide a comprehensive overview of published research in the area, covering both usability and security aspects, as well as system evaluation.  ...  Starting around 1999, a great many graphical password schemes have been proposed as alternatives to text-based password authentication.  ...  The first and third authors acknowledge Discovery Grants through the Natural Sciences and Engineering Research Council of Canada (NSERC).  ... 
doi:10.1145/2333112.2333114 fatcat:4kdrwtfffvdkrjxcodefwr3awi

Of passwords and people

Saranga Komanduri, Richard Shay, Patrick Gage Kelley, Michelle L. Mazurek, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Serge Egelman
2011 Proceedings of the 2011 annual conference on Human factors in computing systems - CHI '11  
We characterize the predictability of passwords by calculating their entropy, and find that a number of commonly held beliefs about password composition and strength are inaccurate.  ...  We present a large-scale study that investigates password strength, user behavior, and user sentiment across four password-composition policies.  ...  by a gift from Microsoft Research.  ... 
doi:10.1145/1978942.1979321 dblp:conf/chi/KomanduriSKMBCCE11 fatcat:4rsotwiktzhw5gpjcied5tzyse

A Personalization Method Based on Human Factors for Improving Usability of User Authentication Tasks [chapter]

Marios Belk, Panagiotis Germanakos, Christos Fidas, George Samaras
2014 Lecture Notes in Computer Science  
Necessity for Increasing Usability of Passwords Studies revealed major usability issues of current password mechanisms (Komanduri et al., 2011; Bonneau et al., 2012) • Policies make passwords hard to  ...  Speed of Processing Elicitation Read a number of words designating a color written in the same or different ink color Eighteen words were illustrated to the participants illustrating the words "red", "  ...  Validity of the Study Internal validity: We recruited a sample of participants already familiarized with user authentication prior to the study the participants involved rather experienced and average  ... 
doi:10.1007/978-3-319-08786-3_2 fatcat:2wszqpijizdxjhlvmmhxm5vmke

Visual end-user security

E. Stobert, R. Biddle
2012 2012 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC)  
When studying security products, ecological validity is very important, and we would like to study use of the password manager in a real life situation.  ...  PassTiles presents the user with a grid of password tiles, and their password consists of a number of those tiles. To log in, the user must click on the correct tiles (in any order).  ... 
doi:10.1109/vlhcc.2012.6344529 dblp:conf/vl/StobertB12 fatcat:lqjt36aih5erxfmvo7vcx2k6ua

Deploying authentication in the wild: towards greater ecological validity in security usability studies

Seb Aebischer, Claudio Dettoni, Graeme Jenkinson, Kat Krol, David Llewellyn-Jones, Toshiyuki Masui, Frank Stajano
2020 Journal of Cybersecurity  
We focus particularly on the ecological validity of the trials and we thereby gain valuable insights into the viability of Pico, not only through the actual responses from the participants but also through  ...  From the lessons of this first study, we retarget Pico's focus from replacing web passwords to replacing desktop login passwords; and thus in our second study we engage with a government organization,  ...  The Gyazo pilot study was originally written up as a workshop paper by the same authors [9] and praised by the referees for its emphasis on ecological validity.  ... 
doi:10.1093/cybsec/tyaa010 fatcat:buiytsxuqbdbxdjy6m6q6j5nkm

Systematic Overview of Password Security Problems

2019 Acta Polytechnica Hungarica  
We find that only 3 studies have a representative sample, which may indicate that the results of the majority of the studies cannot be generalized.  ...  The results show that only 42 out of 63 relevant studies propose a solid solution to deal with the identified problems with alphanumeric passwords, but only 17 have statistically verified it.  ...  Acknowledgement The authors acknowledge the financial support from the Slovenian Research Agency (research core funding No. P2-0057).  ... 
doi:10.12700/aph.16.3.2019.3.8 fatcat:fbjthzek4zbszksgndsyw6oi5q

Does my password go up to eleven?

Serge Egelman, Andreas Sotirakopoulos, Ildar Muslukhov, Konstantin Beznosov, Cormac Herley
2013 Proceedings of the SIGCHI Conference on Human Factors in Computing Systems - CHI '13  
were the subject of a study.  ...  We observed that the presence of meters yielded significantly stronger passwords.  ...  for Education and Research in Secure Systems Engineering (LERSSE) for providing feedback on the various stages of the laboratory experiment.  ... 
doi:10.1145/2470654.2481329 dblp:conf/chi/EgelmanSMBH13 fatcat:ufbeiygmwnc5bjsbc7t3uqog2y

Shoulder-surfing resistance with eye-gaze entry in cued-recall graphical passwords

Alain Forget, Sonia Chiasson, Robert Biddle
2010 Proceedings of the 28th international conference on Human factors in computing systems - CHI '10  
Our 45-participant lab study is the first evaluation of gaze-based password entry via user-selected points on images.  ...  We present Cued Gaze-Points (CGP) as a shoulder-surfing resistant cued-recall graphical password scheme where users gaze instead of mouse-click.  ...  ACKNOWLEDGEMENTS We thank the anonymous referees whose comments improved this paper's clarity. This work was supported by the Natural Science and Engineering Research Council of Canada (NSERC).  ... 
doi:10.1145/1753326.1753491 dblp:conf/chi/ForgetCB10 fatcat:i2juslqpvvep3ckapeg2nge3le

Free-Form Gesture Authentication in the Wild

Yulong Yang, Gradeigh D. Clark, Janne Lindqvist, Antti Oulasvirta
2016 Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems - CHI '16  
Our study leveraged Experience Sampling Methodology to increase ecological validity while maintaining control of the experiment.  ...  We present the first field study (N=91) of mobile authentication using free-form gestures, with text passwords as a baseline.  ...  Asking participants to use unique passwords at different points of time improved the ecological validity of the study.  ... 
doi:10.1145/2858036.2858270 dblp:conf/chi/YangCLO16 fatcat:t25calanuzgwjcnldc6yk3klle

Security for Diversity: Studying the Effects of Verbal and Imagery Processes on User Authentication Mechanisms [chapter]

Marios Belk, Christos Fidas, Panagiotis Germanakos, George Samaras
2013 Lecture Notes in Computer Science  
In particular, a text-based password authentication mechanism and a recognition-based graphical authentication mechanism were deployed in the frame of an ecological valid user study, to investigate the  ...  security and usability issues of textbased passwords, however, few schemes exist that deliver on the original promise of addressing the known problems with text-based passwords since many of the same  ...  We would like to thank all the participants of the study for their time and qualitative feedback in the frame of the focus group sessions.  ... 
doi:10.1007/978-3-642-40477-1_27 fatcat:o26ngxoddferra7h3wlu3t4qqq

Graphical passwords & qualitative spatial relations

Di Lin, Paul Dunphy, Patrick Olivier, Jeff Yan
2007 Proceedings of the 3rd symposium on Usable privacy and security - SOUPS '07  
The use of qualitative spatial relations relaxes the tight constraints on the reconstruction of a secret; allowing a range of deviations from the original.  ...  We describe QDAS (Qualitative Draw-A-Secret), an initial implementation of this graphical password scheme, and the results of an empirical study in which we examined the memorability of secrets, and their  ...  In future we plan to further analyze QDAS by running more studies, and in particular we hope to accurately simulate the context of shoulder-surfing scenario to improve the ecological validity of our findings  ... 
doi:10.1145/1280680.1280708 dblp:conf/soups/LinDOY07 fatcat:erpi72niyjgqxiepkbpdx73a5m
« Previous Showing results 1 — 15 out of 5,924 results