Our agenda is two-fold. First, we introduce and give a technical description of gridWord, a novel knowledge-based authentication mechanism involving elements of both text and graphical passwords. It is intended to address a new research challenge arising from the evolution of Internet access devices, which may arguably be viewed as motivating a new paradigm: remote access password schemes which accommodate users who alternately log in from devices with, and without, full physical keyboards (e.g., users alternating between desktops with easy text input, and mobile devices with tiny or touch-screen virtual keyboards). While the core ideas behind gridWord are well-formed, and may be viewed as a new variation of old (text-based) ideas of building passwords from multiple words, many aspects including recommended parameterization and configuration details, preferred platforms, and primary targets of application remain to be explored in detail. We nonetheless solicit early feedback from the community for several reasons, related to our second agenda item: we use gridWord as a concrete target to focus exploration of a number of questions involving (a) the evaluation of usable security proposals, (b) the often conflicting objectives of various parties involved in the publication of academic research, and (c) the relationship between the design and publication of new security mechanisms and the pursuit of scientific knowledge through experimentation. We believe the second agenda item is important to pursue, given our observation that experts in usability and security have widely varying expectations, and lack consensus on what is important for the evaluation, comparison, and publication of usable security proposals.