Communications of the ACM
Password security: a case history
Communications of the ACM
How to Make Personalized Web Browising Simple, Secure, and Anonymous
FC '97 Proceedings of the First International Conference on Financial Cryptography
Password Memorability and Security: Empirical Results
IEEE Security and Privacy
Stronger password authentication using browser extensions
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Helping users create better passwords: is this the right approach?
Proceedings of the 3rd symposium on Usable privacy and security
Evaluating a trial deployment of password re-use for phishing prevention
Proceedings of the anti-phishing working groups 2nd annual eCrime researchers summit
Itrustpage: a user-assisted anti-phishing tool
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
You've been warned: an empirical study of the effectiveness of web browser phishing warnings
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Memorability of persuasive passwords
CHI '08 Extended Abstracts on Human Factors in Computing Systems
Do strong web passwords accomplish anything?
HOTSEC'07 Proceedings of the 2nd USENIX workshop on Hot topics in security
Improving text passwords through persuasion
Proceedings of the 4th symposium on Usable privacy and security
Persuasion for Stronger Passwords: Motivation and Pilot Study
PERSUASIVE '08 Proceedings of the 3rd international conference on Persuasive Technology
One-Time Password Access to Any Server without Changing the Server
ISC '08 Proceedings of the 11th international conference on Information Security
Extending web applications with a lightweight zero knowledge proof authentication
CSTST '08 Proceedings of the 5th international conference on Soft computing as transdisciplinary science and technology
Anti-phishing based on automated individual white-list
Proceedings of the 4th ACM workshop on Digital identity management
Threat Modelling in User Performed Authentication
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
Lessons from Brain Age on password memorability
Future Play '08 Proceedings of the 2008 Conference on Future Play: Research, Play, Share
A comprehensive study of frequency, interference, and training of multiple graphical passwords
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Toward an experimental methodology for studying persuasion-based online security
CHI '09 Extended Abstracts on Human Factors in Computing Systems
Influencing users towards better passwords: persuasive cued click-points
BCS-HCI '08 Proceedings of the 22nd British HCI Group Annual Conference on People and Computers: Culture, Creativity, Interaction - Volume 1
Helping users create and remember more secure text passwords
BCS-HCI '08 Proceedings of the 22nd British HCI Group Annual Conference on People and Computers: Culture, Creativity, Interaction - Volume 2
Personal choice and challenge questions: a security and usability assessment
Proceedings of the 5th Symposium on Usable Privacy and Security
A profitless endeavor: phishing as tragedy of the commons
Proceedings of the 2008 workshop on New security paradigms
Security and usability: the gap in real-world online banking
NSPW '07 Proceedings of the 2007 Workshop on New Security Paradigms
Effects of a Mnemonic Technique on Subsequent Recall of Assigned and Self-generated Passwords
Proceedings of the Symposium on Human Interface 2009 on ConferenceUniversal Access in Human-Computer Interaction. Part I: Held as Part of HCI International 2009
Multiple password interference in text passwords and click-based graphical passwords
Proceedings of the 16th ACM conference on Computer and communications security
A Secure Mobile-Based Authentication System for e-Banking
OTM '09 Proceedings of the Confederated International Conferences, CoopIS, DOA, IS, and ODBASE 2009 on On the Move to Meaningful Internet Systems: Part II
So long, and no thanks for the externalities: the rational rejection of security advice by users
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
The true cost of unusable password policies: password use in the wild
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Usability and strength in click-based graphical passwords
CHI '10 Extended Abstracts on Human Factors in Computing Systems
BogusBiter: A transparent protection against phishing attacks
ACM Transactions on Internet Technology (TOIT)
Password strength: an empirical analysis
INFOCOM'10 Proceedings of the 29th conference on Information communications
Encountering stronger password requirements: user attitudes and behaviors
Proceedings of the Sixth Symposium on Usable Privacy and Security
Where do security policies come from?
Proceedings of the Sixth Symposium on Usable Privacy and Security
Secure passwords through enhanced hashing
LISA'09 Proceedings of the 23rd conference on Large installation system administration
AISC '09 Proceedings of the Seventh Australasian Conference on Information Security - Volume 98
The security of modern password expiration: an algorithmic framework and empirical analysis
Proceedings of the 17th ACM conference on Computer and communications security
OpenIDemail enabled browser: towards fixing the broken web single sign-on triangle
Proceedings of the 6th ACM workshop on Digital identity management
Kamouflage: loss-resistant password management
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Abusing social networks for automated user profiling
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Secure sketch for multiple secrets
ACNS'10 Proceedings of the 8th international conference on Applied cryptography and network security
Proceedings of the 2010 workshop on New security paradigms
A billion keys, but few locks: the crisis of web single sign-on
Proceedings of the 2010 workshop on New security paradigms
Exploring usability effects of increasing security in click-based graphical passwords
Proceedings of the 26th Annual Computer Security Applications Conference
Popularity is everything: a new approach to protecting passwords from statistical-guessing attacks
HotSec'10 Proceedings of the 5th USENIX conference on Hot topics in security
SessionShield: lightweight protection against session hijacking
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
The password game: negative externalities from weak password practices
GameSec'10 Proceedings of the First international conference on Decision and game theory for security
Of passwords and people: measuring the effect of password-composition policies
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
MARASIM: a novel jigsaw based authentication scheme using tagging
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
A diary study of password usage in daily life
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
OpenID-enabled browser: towards usable and secure web single sign-on
CHI '11 Extended Abstracts on Human Factors in Computing Systems
Can users remember their pictorial passwords six years later
CHI '11 Extended Abstracts on Human Factors in Computing Systems
Using and managing multiple passwords: A week to a view
Interacting with Computers
A field study of user behavior and perceptions in smartcard authentication
INTERACT'11 Proceedings of the 13th IFIP TC 13 international conference on Human-computer interaction - Volume Part IV
Johnny in internet café: user study and exploration of password autocomplete in web browsers
Proceedings of the 7th ACM workshop on Digital identity management
Client-based authentication technology: user-centric authentication using secure containers
Proceedings of the 7th ACM workshop on Digital identity management
An efficient user verification system via mouse movements
Proceedings of the 18th ACM conference on Computer and communications security
Proceedings of the 2011 workshop on New security paradigms workshop
What makes users refuse web single sign-on?: an empirical investigation of OpenID
Proceedings of the Seventh Symposium on Usable Privacy and Security
Evaluating the usability and security of a graphical one-time PIN system
BCS '10 Proceedings of the 24th BCS Interaction Specialist Group Conference
Creating safe and trusted social networks with biometric user authentication
ICEB'10 Proceedings of the Third international conference on Ethics and Policy of Biometrics and International Data Sharing
SessionJuggler: secure web login from an untrusted terminal using session hijacking
Proceedings of the 21st international conference on World Wide Web
Rational security: Modelling everyday password use
International Journal of Human-Computer Studies
Habit as an explanation of participation in an online peer-production community
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
A security assessment of tiles: a new portfolio-based graphical authentication system
CHI '12 Extended Abstracts on Human Factors in Computing Systems
Using automated individual white-list to protect web digital identities
Expert Systems with Applications: An International Journal
Graphical passwords: Learning from the first twelve years
ACM Computing Surveys (CSUR)
Correct horse battery staple: exploring the usability of system-assigned passphrases
Proceedings of the Eighth Symposium on Usable Privacy and Security
Do you see your password?: applying recognition to textual passwords
Proceedings of the Eighth Symposium on Usable Privacy and Security
Exploration and field study of a password manager using icon-based passwords
FC'11 Proceedings of the 2011 international conference on Financial Cryptography and Data Security
How does your password measure up? the effect of strength meters on password creation
Security'12 Proceedings of the 21st USENIX conference on Security symposium
The benefits of understanding passwords
HotSec'12 Proceedings of the 7th USENIX conference on Hot Topics in Security
Visualizing semantics in passwords: the role of dates
Proceedings of the Ninth International Symposium on Visualization for Cyber Security
Strong authentication with mobile phone
ISC'12 Proceedings of the 15th international conference on Information Security
Cyber security games: a new line of risk
ICEC'12 Proceedings of the 11th international conference on Entertainment Computing
Password entry usability and shoulder surfing susceptibility on different smartphone platforms
Proceedings of the 11th International Conference on Mobile and Ubiquitous Multimedia
NAPTune: fine tuning graphical authentication
Proceedings of the 3rd International Conference on Human Computer Interaction
Video-passwords: advertising while authenticating
Proceedings of the 2012 workshop on New security paradigms
A hybrid approach for highly available and secure storage of Pseudo-SSO credentials
NordSec'12 Proceedings of the 17th Nordic conference on Secure IT Systems
Building better passwords using probabilistic techniques
Proceedings of the 28th Annual Computer Security Applications Conference
Biometric authentication on a mobile device: a study of user effort, error and task disruption
Proceedings of the 28th Annual Computer Security Applications Conference
Methodology for a field study of anti-malware software
FC'12 Proceedings of the 16th international conference on Financial Cryptography and Data Security
Preventing the revealing of online passwords to inappropriate websites with logininspector
lisa'12 Proceedings of the 26th international conference on Large Installation System Administration: strategies, tools, and techniques
A study of user password strategy for multiple accounts
Proceedings of the third ACM conference on Data and application security and privacy
Proceedings of the third ACM conference on Data and application security and privacy
NSS'12 Proceedings of the 6th international conference on Network and System Security
Outlining epistemic interaction
Proceedings of the 30th European Conference on Cognitive Ergonomics
A measurement study of insecure javascript practices on the web
ACM Transactions on the Web (TWEB)
My profile is my password, verify me!: the privacy/convenience tradeoff of facebook connect
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Does my password go up to eleven?: the impact of password meters on password selection
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Memory retrieval and graphical passwords
Proceedings of the Ninth Symposium on Usable Privacy and Security
Single password authentication
Computer Networks: The International Journal of Computer and Telecommunications Networking
Measuring password guessability for an entire university
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
SAuth: protecting user accounts from password database leaks
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Proceedings of the 2013 ACM workshop on Artificial intelligence and security
The password allocation problem: strategies for reusing passwords effectively
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
Proceedings of the 2013 ACM workshop on Digital identity management
Federated identity to access e-government services: are citizens ready for this?
Proceedings of the 2013 ACM workshop on Digital identity management
Pitfalls in the automated strengthening of passwords
Proceedings of the 29th Annual Computer Security Applications Conference
Faces and Pictures: Understanding age differences in two types of graphical authentications
International Journal of Human-Computer Studies
Investigating Users’ Perspectives of Web Single Sign-On: Conceptual Gaps and Acceptance Model
ACM Transactions on Internet Technology (TOIT)
Useful password hashing: how to waste computing cycles with style
Proceedings of the 2013 workshop on New security paradigms workshop
Proceedings of International Conference on Information Integration and Web-based Applications & Services
Quite a mess in my cookie jar!: leveraging machine learning to protect web authentication
Proceedings of the 23rd international conference on World wide web
Hi-index | 0.00 |
We report the results of a large scale study of password use andpassword re-use habits. The study involved half a million users over athree month period. A client component on users' machines recorded a variety of password strength, usage and frequency metrics. This allows us to measure or estimate such quantities as the average number of passwords and average number of accounts each user has, how many passwords she types per day, how often passwords are shared among sites, and how often they are forgotten. We get extremely detailed data on password strength, the types and lengths of passwords chosen, and how they vary by site. The data is the first large scale study of its kind, and yields numerous other insights into the role the passwords play in users' online experience.