The security research community has recently recognised that user behaviour plays a part in many security failures, and it has become common to refer to users as the 'weakest link in the security chain'. We argue that simply blaming users will not lead to more effective security systems. Security designers must identify the causes of undesirable user behaviour, and address these to design effective security systems. We present examples of how undesirable user behaviour with passwords can be caused by failure to recognise the characteristics of human memory, unattainable or conflicting task demands, and lack of support, training and motivation. We conclude that existing human/computer interaction knowledge and techniques can be used to prevent or address these problems, and outline a vision of a holistic design approach for usable and effective security.