23 ways to nudge: A review of technology-mediated nudging in human-computer interaction
Ten years ago, Thaler and Sunstein introduced the notion of nudging to talk about how
subtle changes in the'choice architecture'can alter people's behaviors in predictable ways …
subtle changes in the'choice architecture'can alter people's behaviors in predictable ways …
A survey on adaptive authentication
Adaptive Authentication allows a system to dynamically select the best mechanism (s) for
authenticating a user depending on contextual factors, such as location, proximity to …
authenticating a user depending on contextual factors, such as location, proximity to …
" I Added'!'at the End to Make It Secure": Observing Password Creation in the Lab
Users often make passwords that are easy for attackers to guess. Prior studies have
documented features that lead to easily guessed passwords, but have not probed why users …
documented features that lead to easily guessed passwords, but have not probed why users …
Honeywords: Making password-cracking detectable
We propose a simple method for improving the security of hashed passwords: the
maintenance of additional``honeywords''(false passwords) associated with each user's …
maintenance of additional``honeywords''(false passwords) associated with each user's …
A study of probabilistic password models
A probabilistic password model assigns a probability value to each string. Such models are
useful for research into understanding what makes users choose more (or less) secure …
useful for research into understanding what makes users choose more (or less) secure …
Testing metrics for password creation policies by attacking large sets of revealed passwords
M Weir, S Aggarwal, M Collins, H Stern - … of the 17th ACM conference on …, 2010 - dl.acm.org
In this paper we attempt to determine the effectiveness of using entropy, as defined in NIST
SP800-63, as a measurement of the security provided by various password creation …
SP800-63, as a measurement of the security provided by various password creation …
A field trial of privacy nudges for facebook
Anecdotal evidence and scholarly research have shown that Internet users may regret some
of their online disclosures. To help individuals avoid such regrets, we designed two …
of their online disclosures. To help individuals avoid such regrets, we designed two …
Let's go in for a closer look: Observing passwords in their natural habitat
Text passwords---a frequent vector for account compromise, yet still ubiquitous---have been
studied for decades by researchers attempting to determine how to coerce users to create …
studied for decades by researchers attempting to determine how to coerce users to create …
How does your password measure up? The effect of strength meters on password creation
To help users create stronger text-based passwords, many web sites have deployed
password meters that provide visual feedback on password strength. Although these meters …
password meters that provide visual feedback on password strength. Although these meters …
Measuring {Real-World} Accuracies and Biases in Modeling Password Guessability
Parameterized password guessability—how many guesses a particular cracking algorithm
with particular training data would take to guess a password—has become a common metric …
with particular training data would take to guess a password—has become a common metric …