Securing passwords against dictionary attacks
Proceedings of the 9th ACM conference on Computer and communications security
Password Memorability and Security: Empirical Results
IEEE Security and Privacy
Authentication using graphical passwords: effects of tolerance and image choice
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
PassPoints: design and longitudinal evaluation of a graphical password system
International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Security and Usability
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Cognitive Authentication Schemes Safe Against Spyware (Short Paper)
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
On countering online dictionary attacks with login histories and humans-in-the-loop
ACM Transactions on Information and System Security (TISSEC)
On user choice in graphical password schemes
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
The design and analysis of graphical passwords
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
A second look at the usability of click-based graphical passwords
Proceedings of the 3rd symposium on Usable privacy and security
Modeling user choice in the PassPoints graphical password scheme
Proceedings of the 3rd symposium on Usable privacy and security
Human-seeded attacks and exploiting hot-spots in graphical passwords
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Graphical passwords based on robust discretization
IEEE Transactions on Information Forensics and Security
Provably secure browser-based user-aware mutual authentication over TLS
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Centered discretization with application to graphical passwords (full paper)
UPSEC'08 Proceedings of the 1st Conference on Usability, Psychology, and Security
Enforcing User-Aware Browser-Based Mutual Authentication with Strong Locked Same Origin Policy
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Panic passwords: authenticating under duress
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
Influencing users towards better passwords: persuasive cued click-points
BCS-HCI '08 Proceedings of the 22nd British HCI Group Annual Conference on People and Computers: Culture, Creativity, Interaction - Volume 1
Guidelines for designing graphical authentication mechanism interfaces
International Journal of Information and Computer Security
A methodology for designing information security feedback based on User Interface Patterns
Advances in Engineering Software
User-aware provably secure protocols for browser-based mutual authentication
International Journal of Applied Cryptography
Shoulder-surfing resistance with eye-gaze entry in cued-recall graphical passwords
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Input precision for gaze-based graphical passwords
CHI '10 Extended Abstracts on Human Factors in Computing Systems
The effect of baroque music on the PassPoints graphical password
Proceedings of the ACM International Conference on Image and Video Retrieval
Towards understanding ATM security: a field study of real world ATM use
Proceedings of the Sixth Symposium on Usable Privacy and Security
A security class project in graphical passwords
Journal of Computing Sciences in Colleges
Purely automated attacks on passpoints-style graphical passwords
IEEE Transactions on Information Forensics and Security
An efficient user verification system via mouse movements
Proceedings of the 18th ACM conference on Computer and communications security
Biometric-rich gestures: a novel approach to authentication on multi-touch devices
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Increasing the security of gaze-based cued-recall graphical passwords using saliency masks
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Graphical passwords: Learning from the first twelve years
ACM Computing Surveys (CSUR)
NAPTune: fine tuning graphical authentication
Proceedings of the 3rd International Conference on Human Computer Interaction
Multiple password interference in graphical passwords
International Journal of Information and Computer Security
MIBA: multitouch image-based authentication on smartphones
CHI '13 Extended Abstracts on Human Factors in Computing Systems
Picassopass: a password scheme using a dynamically layered combination of graphical elements
CHI '13 Extended Abstracts on Human Factors in Computing Systems
Security implications of password discretization for click-based graphical passwords
Proceedings of the 22nd international conference on World Wide Web
Exploring the design space of graphical passwords on smartphones
Proceedings of the Ninth Symposium on Usable Privacy and Security
Quantifying the security of graphical passwords: the case of android unlock patterns
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
On the security of picture gesture authentication
SEC'13 Proceedings of the 22nd USENIX conference on Security
Hi-index | 0.00 |
We propose and examine the usability and security of Cued Click Points (CCP), a cued-recall graphical password technique. Users click on one point per image for a sequence of images. The next image is based on the previous click-point. We present the results of an initial user study which revealed positive results. Performance was very good in terms of speed, accuracy, and number of errors. Users preferred CCP to PassPoints (Wiedenbeck et al., 2005), saying that selecting and remembering only one point per image was easier, and that seeing each image triggered their memory of where the corresponding point was located. We also suggest that CCP provides greater security than PassPoints because the number of images increases the workload for attackers.