Strong password-only authenticated key exchange
ACM SIGCOMM Computer Communication Review
Communications of the ACM
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Déjà Vu: a user study using images for authentication
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Hi-index | 0.00 |
It is well known that humans are far better in recalling person's face than his name. One of the promising approaches for devising a secure password scheme would be using a set of images as passwords rather than conventional PIN numbers. We have investigated such potential using an experimental paradigm by which security and usability for three different categories of images (i.e. landscapes scenes, random faces, familiar faces) can be compared. The results suggest that performance of the subjects was reliably higher for the “familiar faces” case than for other cases. Issues such as “Known-face attack” and “Camera Attack” were discussed. We propose a more secure, and yet usable, visual password system by exploiting human's innate capability of fast face identification against serial images of faces and implement it on a PDA for using within the pervasive and mobile environment.