Communications of the ACM
Time Sharing Computer Systems
DES key crunching for safer cypher keys
ACM SIGSAC Review
Communications of the ACM
The internet worm program: an analysis
ACM SIGCOMM Computer Communication Review
Reducing risks from poorly chosen keys
SOSP '89 Proceedings of the twelfth ACM symposium on Operating systems principles
UNIX security in a supercomputing environment
Proceedings of the 1989 ACM/IEEE conference on Supercomputing
Inside risks: insecurity about security?
Communications of the ACM
ACM SIGSAC Review
UNIX password security—ten years later
CRYPTO '89 Proceedings on Advances in cryptology
Practical problems with a cryptographic protection scheme (invited)
CRYPTO '89 Proceedings on Advances in cryptology
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
A graduate course in computing security technology
SIGCSE '93 Proceedings of the twenty-fourth SIGCSE technical symposium on Computer science education
Communications of the ACM
CERT incident response and the Internet
Communications of the ACM
The KryptoKnight family of light-weight protocols for authentication and key distribution
IEEE/ACM Transactions on Networking (TON)
New design concepts for an intelligent Internet
Communications of the ACM
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Password hardening based on keystroke dynamics
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Performance and Stability Analysis of Multilevel Data Structures with Deferred Reorganization
IEEE Transactions on Software Engineering
Efficient and practical DHEKE protocols
ACM SIGOPS Operating Systems Review
Secure password-based cipher suite for TLS
ACM Transactions on Information and System Security (TISSEC)
Delegation of cryptographic servers for capture-resilient devices
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Three-party encrypted key exchange: attacks and a solution
ACM SIGOPS Operating Systems Review
Simple authenticated key agreement protocol resistant to password guessing attacks
ACM SIGOPS Operating Systems Review
A remote user authentication scheme using hash functions
ACM SIGOPS Operating Systems Review
Securing passwords against dictionary attacks
Proceedings of the 9th ACM conference on Computer and communications security
Content-Addressable Search Engines and DES-like Systems
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Maintaining Security in the Presence of Transient Faults
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Proofs of Security for the Unix Password Hashing Algorithm
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Access and Integrity Control in a Public-Access, High-Assurance Configuration Management System
Proceedings of the 11th USENIX Security Symposium
On the Difficulty of Protecting Private Keys in Software
ISC '02 Proceedings of the 5th International Conference on Information Security
Privacy Engineering for Digital Rights Management Systems
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
Establishing the business value of network security using analytical hierarchy process
Creating business value with information technology
Towards a secure web-based healthcare application
Knowledge media in healthcare
A Secure Distributed Search System
HPDC '02 Proceedings of the 11th IEEE International Symposium on High Performance Distributed Computing
An Adaptable and Reliable Authentication Protocol for Communication Networks
INFOCOM '97 Proceedings of the INFOCOM '97. Sixteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Driving the Information Revolution
The domino effect of password reuse
Communications of the ACM - Human-computer etiquette
On improvements to password security
ACM SIGOPS Operating Systems Review
Easily remembered passphrases: a better approach
ACM SIGSAC Review - Resources: part II
A convenient method for securely managing passwords
WWW '05 Proceedings of the 14th international conference on World Wide Web
Delegation of cryptographic servers for capture-resilient devices
Distributed Computing
Authentication using graphical passwords: effects of tolerance and image choice
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
PassPoints: design and longitudinal evaluation of a graphical password system
International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Fast dictionary attacks on passwords using time-space tradeoff
Proceedings of the 12th ACM conference on Computer and communications security
Secure information sharing enabled by Trusted Computing and PEI models
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Design and evaluation of a shoulder-surfing resistant graphical password scheme
Proceedings of the working conference on Advanced visual interfaces
Password management strategies for online accounts
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Proceedings of the 43rd annual Southeast regional conference - Volume 2
Password security: an empirical study
Journal of Management Information Systems
The usability of passphrases for authentication: An empirical field study
International Journal of Human-Computer Studies
A large-scale study of web password habits
Proceedings of the 16th international conference on World Wide Web
Passwords decay, words endure: secure and re-usable multiple password mnemonics
Proceedings of the 2007 ACM symposium on Applied computing
Déjà Vu: a user study using images for authentication
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Dos and don'ts of client authentication on the web
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
On user choice in graphical password schemes
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
The design and analysis of graphical passwords
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Network randomization protocol: a proactive pseudo-random generator
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
Independent one-time passwords
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
Dos and don'ts of client authentication on the web
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
A future-adaptive password scheme
ATEC '99 Proceedings of the annual conference on USENIX Annual Technical Conference
Modeling user choice in the PassPoints graphical password scheme
Proceedings of the 3rd symposium on Usable privacy and security
Modeling cryptographic properties of voice and voice-based entity authentication
Proceedings of the 2007 ACM workshop on Digital identity management
Server side hashing core exceeding 3 Gbps of throughput
International Journal of Security and Networks
Do strong web passwords accomplish anything?
HOTSEC'07 Proceedings of the 2nd USENIX workshop on Hot topics in security
Data Discovery and Dissemination with DIP
IPSN '08 Proceedings of the 7th international conference on Information processing in sensor networks
Identity Theft: Much Too Easy? A Study of Online Systems in Norway
Financial Cryptography and Data Security
Action-based user authentication
International Journal of Electronic Security and Digital Forensics
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
A security policy for a profile-oriented operating system
AFIPS '81 Proceedings of the May 4-7, 1981, national computer conference
Information Sciences: an International Journal
A comprehensive study of frequency, interference, and training of multiple graphical passwords
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
SMEs and Cybersecurity Threats in E-Commerce
The EDP Audit, Control, and Security Newsletter
Effects of a Mnemonic Technique on Subsequent Recall of Assigned and Self-generated Passwords
Proceedings of the Symposium on Human Interface 2009 on ConferenceUniversal Access in Human-Computer Interaction. Part I: Held as Part of HCI International 2009
Efficient and secure authenticated key exchange using weak passwords
Journal of the ACM (JACM)
Proceedings of the 23rd British HCI Group Annual Conference on People and Computers: Celebrating People and Technology
Building a better password: the role of cognitive load in information security training
ISI'09 Proceedings of the 2009 IEEE international conference on Intelligence and security informatics
Musipass: authenticating me softly with "my" song
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
So long, and no thanks for the externalities: the rational rejection of security advice by users
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Interacting with Computers
The true cost of unusable password policies: password use in the wild
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
BogusBiter: A transparent protection against phishing attacks
ACM Transactions on Internet Technology (TOIT)
Password strength: an empirical analysis
INFOCOM'10 Proceedings of the 29th conference on Information communications
It won't happen to me: Promoting secure behaviour among internet users
Computers in Human Behavior
Secure passwords through enhanced hashing
LISA'09 Proceedings of the 23rd conference on Large installation system administration
AISC '09 Proceedings of the Seventh Australasian Conference on Information Security - Volume 98
Testing metrics for password creation policies by attacking large sets of revealed passwords
Proceedings of the 17th ACM conference on Computer and communications security
The security of modern password expiration: an algorithmic framework and empirical analysis
Proceedings of the 17th ACM conference on Computer and communications security
Secure sketch for multiple secrets
ACNS'10 Proceedings of the 8th international conference on Applied cryptography and network security
Smudge attacks on smartphone touch screens
WOOT'10 Proceedings of the 4th USENIX conference on Offensive technologies
Privacy amplification with social networks
Proceedings of the 15th international conference on Security protocols
Using and managing multiple passwords: A week to a view
Interacting with Computers
Home-network threats and access controls
TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
Hardened stateless session cookies
Security'08 Proceedings of the 16th International conference on Security protocols
A comparative usability evaluation of traditional password managers
ICISC'10 Proceedings of the 13th international conference on Information security and cryptology
Johnny in internet café: user study and exploration of password autocomplete in web browsers
Proceedings of the 7th ACM workshop on Digital identity management
A trust assignment model based on alternate actions payoff
iTrust'06 Proceedings of the 4th international conference on Trust Management
Strengthening password-based authentication protocols against online dictionary attacks
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
How much assurance does a PIN provide?
HIP'05 Proceedings of the Second international conference on Human Interactive Proofs
Metrics of password management policy
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part III
Password exhaustion: predicting the end of password usefulness
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Perfectly secure password protocols in the bounded retrieval model
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Tutorial: Efficient and secure password-based authentication protocols against guessing attacks
Computer Communications
Graphical passwords: Learning from the first twelve years
ACM Computing Surveys (CSUR)
NAPTune: fine tuning graphical authentication
Proceedings of the 3rd International Conference on Human Computer Interaction
Linguistic properties of multi-word passphrases
FC'12 Proceedings of the 16th international conference on Financial Cryptography and Data Security
Preventing the revealing of online passwords to inappropriate websites with logininspector
lisa'12 Proceedings of the 26th international conference on Large Installation System Administration: strategies, tools, and techniques
Protection aspects of iconic passwords on mobile devices
CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security
A pedagogical example of a stretched password-based key derivation function
Journal of Computing Sciences in Colleges
Does my password go up to eleven?: the impact of password meters on password selection
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Honeywords: making password-cracking detectable
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Quantifying the security of graphical passwords: the case of android unlock patterns
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Measuring password guessability for an entire university
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Pitfalls in the automated strengthening of passwords
Proceedings of the 29th Annual Computer Security Applications Conference
Useful password hashing: how to waste computing cycles with style
Proceedings of the 2013 workshop on New security paradigms workshop
| Hi-index | 48.31 |
This paper describes the history of the design of the password security scheme on a remotely accessed time-sharing system. The present design was the result of countering observed attempts to penetrate the system. The result is a compromise between extreme security and ease of use.