Devising a user authentication scheme based on personal identification numbers (PINs) that
is both secure and practically usable is a challenging problem. The greatest difficulty lies …

The design of leakage-resilient password systems (LRPSes) in the absence of trusted
devices remains a challenging problem today despite two decades of intensive research in …

We review empirical studies that evaluate the resilience of various PIN entry methods
against human shoulder surfers. Conducting such studies is challenging because …

Classical password/PIN-based authentication methods have proven to be vulnerable to a
broad range of observation attacks (such as key-logging, video-recording or shoulder …

Users typically reuse the same personalized identification number (PIN) for multiple systems
and in numerous sessions. Direct PIN entries are highly susceptible to shoulder-surfing …

We are witnessing a growing demand for ATM authentication solutions that overcome the
limitations of the de facto standard mechanism based on magnetic card and numeric PIN …

Password leakage is one of the most serious threats for password-based user
authentication. Although this problem has been extensively investigated over the last two …

Human cognitive modeling techniques and related software tools have been widely used by
researchers and practitioners to evaluate the effectiveness of user interface (UI) designs and …

At NDSS 2012, Yan et al. analyzed the security of several challenge-response type user
authentication protocols against passive observers, and proposed a generic counting based …

User authentication is a process in which a user of a system proves his/her identity to
acquire access permission. An effective user authentication method should be both secure …