—It is a well known fact that user-chosen passwords are somewhat predictable: by using tools such as dictionaries or probabilistic models, attackers and password recovery tools c...
This paper presents the first large-scale study of the success of password expiration in meeting its intended purpose, namely revoking access to an account by an attacker who has ...
Draw a secret (DAS) is a representative graphical password scheme. Rigorous theoretical analysis suggests that DAS supports an overall password space larger than that of the ubiqu...
The combination of username and password is widely used as a human authentication mechanism on the Web. Despite this universal adoption and despite their long tradition, password s...
Previous efforts involving picture-based passwords have not focused on maintaining a measurably high level of entropy. Since password systems usually allow user selection of passw...