Cognitive passwords: the key to easy access control
Computers and Security
Foundations of statistical natural language processing
Foundations of statistical natural language processing
Password security: a case history
Communications of the ACM
Déjà Vu: a user study using images for authentication
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
The design and analysis of graphical passwords
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Guest Editors' Introduction: Secure or Usable?
IEEE Security and Privacy
Using personal photos as pictorial passwords
CHI '05 Extended Abstracts on Human Factors in Computing Systems
Authentication using graphical passwords: effects of tolerance and image choice
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
The battle against phishing: Dynamic Security Skins
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
PassPoints: design and longitudinal evaluation of a graphical password system
International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Fast dictionary attacks on passwords using time-space tradeoff
Proceedings of the 12th ACM conference on Computer and communications security
Secure graphical password system for high traffic public areas
Proceedings of the 2006 symposium on Eye tracking research & applications
Design and evaluation of a shoulder-surfing resistant graphical password scheme
Proceedings of the working conference on Advanced visual interfaces
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Pass-thoughts: authenticating with our minds
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
Graphical dictionaries and the memorable space of graphical passwords
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Bayesian Networks for Knowledge-Based Authentication
IEEE Transactions on Knowledge and Data Engineering
A second look at the usability of click-based graphical passwords
Proceedings of the 3rd symposium on Usable privacy and security
Modeling user choice in the PassPoints graphical password scheme
Proceedings of the 3rd symposium on Usable privacy and security
Proceedings of the 3rd symposium on Usable privacy and security
On predictive models and user-drawn graphical passwords
ACM Transactions on Information and System Security (TISSEC)
Do background images improve "draw a secret" graphical passwords?
Proceedings of the 14th ACM conference on Computer and communications security
A machine learning approach to keystroke dynamics based user authentication
International Journal of Electronic Security and Digital Forensics
Human-seeded attacks and exploiting hot-spots in graphical passwords
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Passwords for everyone: secure mnemonic-based accessible authentication
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
Order and entropy in picture passwords
GI '08 Proceedings of graphics interface 2008
Exploring the feasibility of video mail for illiterate users
AVI '08 Proceedings of the working conference on Advanced visual interfaces
A framework for reasoning about the human in the loop
UPSEC'08 Proceedings of the 1st Conference on Usability, Psychology, and Security
Securing passfaces for description
Proceedings of the 4th symposium on Usable privacy and security
Use Your Illusion: secure authentication usable anywhere
Proceedings of the 4th symposium on Usable privacy and security
Action-based user authentication
International Journal of Electronic Security and Digital Forensics
POSH: a generalized captcha with security applications
Proceedings of the 1st ACM workshop on Workshop on AISec
PassShapes: utilizing stroke based authentication to increase password memorability
Proceedings of the 5th Nordic conference on Human-computer interaction: building bridges
WSEAS Transactions on Information Science and Applications
The design and implementation of background Pass-Go scheme towards security threats
WSEAS Transactions on Information Science and Applications
The practical subtleties of biometric key generation
SS'08 Proceedings of the 17th conference on Security symposium
On user involvement in production of images used in visual authentication
Journal of Visual Languages and Computing
A comprehensive study of frequency, interference, and training of multiple graphical passwords
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Influencing users towards better passwords: persuasive cued click-points
BCS-HCI '08 Proceedings of the 22nd British HCI Group Annual Conference on People and Computers: Culture, Creativity, Interaction - Volume 1
Guidelines for designing graphical authentication mechanism interfaces
International Journal of Information and Computer Security
Visual passwords: cure-all or snake-oil?
Communications of the ACM - Finding the Fun in Computer Science Education
Multiple password interference in text passwords and click-based graphical passwords
Proceedings of the 16th ACM conference on Computer and communications security
Proceedings of the 23rd British HCI Group Annual Conference on People and Computers: Celebrating People and Technology
The Impact of Image Choices on the Usability and Security of Click Based Graphical Passwords
ISVC '09 Proceedings of the 5th International Symposium on Advances in Visual Computing: Part II
The effect of baroque music on the PassPoints graphical password
Proceedings of the ACM International Conference on Image and Video Retrieval
A closer look at recognition-based graphical passwords on mobile devices
Proceedings of the Sixth Symposium on Usable Privacy and Security
Secure passwords through enhanced hashing
LISA'09 Proceedings of the 23rd conference on Large installation system administration
Purely automated attacks on passpoints-style graphical passwords
IEEE Transactions on Information Forensics and Security
Exploring usability effects of increasing security in click-based graphical passwords
Proceedings of the 26th Annual Computer Security Applications Conference
Smudge attacks on smartphone touch screens
WOOT'10 Proceedings of the 4th USENIX conference on Offensive technologies
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
MARASIM: a novel jigsaw based authentication scheme using tagging
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
On designing usable and secure recognition-based graphical authentication mechanisms
Interacting with Computers
Exploration of a hand-based graphical password scheme
Proceedings of the 4th international conference on Security of information and networks
A hybrid graphical password based system
ICA3PP'11 Proceedings of the 11th international conference on Algorithms and architectures for parallel processing - Volume Part II
Facing the facts about image type in recognition-based graphical passwords
Proceedings of the 27th Annual Computer Security Applications Conference
Breaking undercover: exploiting design flaws and nonuniform human behavior
Proceedings of the Seventh Symposium on Usable Privacy and Security
Analysis and design of graphical password techniques
ISVC'06 Proceedings of the Second international conference on Advances in Visual Computing - Volume Part II
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Can background baroque music help to improve the memorability of graphical passwords?
ICIAR'10 Proceedings of the 7th international conference on Image Analysis and Recognition - Volume Part II
Graphical passwords: Learning from the first twelve years
ACM Computing Surveys (CSUR)
Goldilocks and the two mobile devices: going beyond all-or-nothing access to a device's applications
Proceedings of the Eighth Symposium on Usable Privacy and Security
Do you see your password?: applying recognition to textual passwords
Proceedings of the Eighth Symposium on Usable Privacy and Security
Exploration and field study of a password manager using icon-based passwords
FC'11 Proceedings of the 2011 international conference on Financial Cryptography and Data Security
Click passwords under investigation
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Graphical password authentication using cued click points
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Evaluating the effect of user guidelines on creating click-draw based graphical passwords
Proceedings of the 2012 ACM Research in Applied Computation Symposium
NAPTune: fine tuning graphical authentication
Proceedings of the 3rd International Conference on Human Computer Interaction
Video-passwords: advertising while authenticating
Proceedings of the 2012 workshop on New security paradigms
Multiple password interference in graphical passwords
International Journal of Information and Computer Security
Evaluating the effect of tolerance on click-draw based graphical password scheme
ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
Preventing the revealing of online passwords to inappropriate websites with logininspector
lisa'12 Proceedings of the 26th international conference on Large Installation System Administration: strategies, tools, and techniques
Proceedings of the third ACM conference on Data and application security and privacy
A pilot study on the security of pattern screen-lock methods and soft side channel attacks
Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks
Age-related performance issues for PIN and face-based authentication systems
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
ACM Transactions on Accessible Computing (TACCESS)
Proceedings of the 15th international conference on Human-computer interaction with mobile devices and services
Exploring the design space of graphical passwords on smartphones
Proceedings of the Ninth Symposium on Usable Privacy and Security
Usability and security evaluation of GeoPass: a geographic location-password scheme
Proceedings of the Ninth Symposium on Usable Privacy and Security
Memory retrieval and graphical passwords
Proceedings of the Ninth Symposium on Usable Privacy and Security
Quantifying the security of graphical passwords: the case of android unlock patterns
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
On the security of picture gesture authentication
SEC'13 Proceedings of the 22nd USENIX conference on Security
| Hi-index | 0.00 |
Graphical password schemes have been proposed as an alternative to text passwords in applications that support graphics and mouse or stylus entry. In this paper we detail what is, to our knowledge, the largest published empirical evaluation of the effects of user choice on the security of graphical password schemes. We show that permitting user selection of passwords in two graphical password schemes, one based directly on an existing commercial product, can yield passwords with entropy far below the theoretical optimum and, in some cases, that are highly correlated with the race or gender of the user. For one scheme, this effect is so dramatic so as to render the scheme insecure. A conclusion of our work is that graphical password schemes of the type we study may generally require a different posture toward password selection than text passwords, where selection by the user remains the norm today.