Starting around 1999, a great many graphical password schemes have been proposed as
alternatives to text-based password authentication. We provide a comprehensive overview …

We evaluate two decades of proposals to replace text passwords for general-purpose user
authentication on the web using a broad set of twenty-five usability, deployability and …

As the most prevailing two-factor authentication mechanism, smart-card-based password
authentication has been a subject of intensive research in the past two decades, and …

We propose and examine the usability and security of Cued Click Points (CCP), a cued-
recall graphical password technique. Users click on one point per image for a sequence of …

Shoulder-surfing--using direct observation techniques, such as looking over someone's
shoulder, to get passwords, PINs and other sensitive personal information--is a problem that …

Graphical passwords were proposed as an alternative to overcome the inherent limitations
of text-based passwords, inspired by research that shows that the graphical memory of …

Password authentication is still ubiquitous although alternatives have been developed to
overcome its shortcomings such as high cognitive load for users. Using an objective rating …

We present a usability study of two recent password manager proposals: PwdHash (Ross et
al., 2005) and Password Multiplier (Halderman et al., 2005). Both papers considered …

We report the results of the first large-scale empirical analysis of password implementations
deployed on the Internet. Our study included 150 websites which offer free user accounts for …

Many security primitives are based on hard mathematical problems. Using hard AI problems
for security is emerging as an exciting new paradigm, but has been under-explored. In this …