The impact of length and mathematical operators on the usability and security of system-assigned one-time PINs

Authors: Patrick Gage Kelley, Saranga Komanduri, Michelle L. Mazurek, Richard Shay, Timothy Vidas

DOI: 10.1007/978-3-642-41320-9_3

Abstract: Over the last decade, several proposals have been made to replace the common personal identification number, or PIN, with often-complicated but theoretically more secure systems. We present a case study of one such system, a specific implementation of system-assigned one-time PINs called PassGrids. We apply various modifications to the basic scheme, allowing us to review usability vs. security trade-offs as a function of the complexity of the authentication scheme. Our results show that most variations of this PIN system are enjoyable and no more difficult than PINs, although accuracy suffers for complicated variants. Some variants increase resilience against observation attacks, but the number of users who write down or otherwise store their password increases. The results shed light on the extent to which users are able and willing to tolerate complications to authentication schemes, and provide useful insights for designers of new schemes.
