Exploration and field study of a password manager using icon-based passwords

Authors:
Kemal Bicakci;Nart Bedin Atalay;Mustafa Yuceel;P. C. van Oorschot
Affiliations:
TOBB University of Economics and Technology, Turkey;Selcuk University, Turkey;TOBB University of Economics and Technology, Turkey;School of Computer Science, Carleton University, Canada
Venue:
FC'11 Proceedings of the 2011 international conference on Financial Cryptography and Data Security
Year:
2011

Citing 16
Cited 1

Persuasive Technology: Using Computers to Change What We Think and Do

Persuasive Technology: Using Computers to Change What We Think and Do
How to Make Personalized Web Browising Simple, Secure, and Anonymous

FC '97 Proceedings of the First International Conference on Financial Cryptography
A convenient method for securely managing passwords

WWW '05 Proceedings of the 14th international conference on World Wide Web
PassPoints: design and longitudinal evaluation of a graphical password system

International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Passpet: convenient password management and phishing protection

SOUPS '06 Proceedings of the second symposium on Usable privacy and security
A large-scale study of web password habits

Proceedings of the 16th international conference on World Wide Web
On user choice in graphical password schemes

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Stronger password authentication using browser extensions

SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
The design and analysis of graphical passwords

SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
A usability study and critique of two password managers

USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Password management using doodles

Proceedings of the 9th international conference on Multimodal interfaces
Human-seeded attacks and exploiting hot-spots in graphical passwords

SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Influencing users towards better passwords: persuasive cued click-points

BCS-HCI '08 Proceedings of the 22nd British HCI Group Annual Conference on People and Computers: Culture, Creativity, Interaction - Volume 1
Towards Usable Solutions to Graphical Password Hotspot Problem

COMPSAC '09 Proceedings of the 2009 33rd Annual IEEE International Computer Software and Applications Conference - Volume 02
So long, and no thanks for the externalities: the rational rejection of security advice by users

NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
A billion keys, but few locks: the crisis of web single sign-on

Proceedings of the 2010 workshop on New security paradigms

Revisiting graphical passwords for augmenting, not replacing, text passwords

Proceedings of the 29th Annual Computer Security Applications Conference

Quantified Score

Hi-index	0.00

Visualization

Abstract

We carry out a hybrid lab and field study of a password manager program, and report on usability and security. Our study explores iPMAN, a browser-based password manager that in addition uses a graphical password scheme for the master password. We present our findings as a set of observations and insights expected to be of interest both to those exploring password managers, and graphical passwords.