PassPoints: design and longitudinal evaluation of a graphical password system
International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
ACSW '07 Proceedings of the fifth Australasian symposium on ACSW frontiers - Volume 68
EVT'08 Proceedings of the conference on Electronic voting technology
Graphical password authentication using cued click points
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Robust Authentication Using Physically Unclonable Functions
ISC '09 Proceedings of the 12th International Conference on Information Security
Proceedings of the Sixth Symposium on Usable Privacy and Security
Duress detection for authentication attacks against multiple administrators
Proceedings of the 2010 ACM workshop on Insider threats
Selections: internet voting with over-the-shoulder coercion-resistance
FC'11 Proceedings of the 15th international conference on Financial Cryptography and Data Security
Cobra: toward concurrent ballot authorization for internet voting
EVT/WOTE'12 Proceedings of the 2012 international conference on Electronic Voting Technology/Workshop on Trustworthy Elections
A practical coercion resistant voting scheme revisited
Vote-ID'13 Proceedings of the 4th international conference on E-Voting and Identity
Proceedings of the 2013 workshop on New security paradigms workshop
Explicit authentication response considered harmful
Proceedings of the 2013 workshop on New security paradigms workshop
Hi-index | 0.00 |
Panic passwords allow a user to signal duress during authentication. We show that the well-known model of giving a user two passwords, a 'regular' and a 'panic' password, is susceptible to iteration and forced-randomization attacks, and is secure only within a very narrow threat model. We expand this threat model significantly, making explicit assumptions and tracking four parameters. We also introduce several new panic password systems to address new categories of scenarios.