Why people (don't) use password managers effectively
Security experts often recommend using password-management tools that both store
passwords and generate random passwords. However, research indicates that only a small …
passwords and generate random passwords. However, research indicates that only a small …
Human factors in security research: Lessons learned from 2008-2018
Instead of only considering technology, computer security research now strives to also take
into account the human factor by studying regular users and, to a lesser extent, experts like …
into account the human factor by studying regular users and, to a lesser extent, experts like …
Computational rationality as a theory of interaction
How do people interact with computers? This fundamental question was asked by Card,
Moran, and Newell in 1983 with a proposition to frame it as a question about human …
Moran, and Newell in 1983 with a proposition to frame it as a question about human …
" Get in Researchers; We're Measuring Reproducibility": A Reproducibility Study of Machine Learning Papers in Tier 1 Security Conferences
D Olszewski, A Lu, C Stillman, K Warren… - Proceedings of the …, 2023 - dl.acm.org
Reproducibility is crucial to the advancement of science; it strengthens confidence in
seemingly contradictory results and expands the boundaries of known discoveries …
seemingly contradictory results and expands the boundaries of known discoveries …
User, usage and usability: Redefining human centric cyber security
The effectiveness of cyber security measures are often questioned in the wake of hard hitting
security events. Despite much work being done in the field of cyber security, most of the …
security events. Despite much work being done in the field of cyber security, most of the …
How to attack and generate honeywords
Honeywords are decoy passwords associated with each user account to timely detect
password leakage. The key issue lies in how to generate honeywords that are hard to be …
password leakage. The key issue lies in how to generate honeywords that are hard to be …
Honeyword-based authentication techniques for protecting passwords: A survey
Honeyword (or decoy password) based authentication, first introduced by Juels and Rivest
in 2013, has emerged as a security mechanism that can provide security against server-side …
in 2013, has emerged as a security mechanism that can provide security against server-side …
" Would you give the same priority to the bank and a game? I do {not!}" exploring credential management strategies and obstacles during password manager setup
Password managers allow users to improve password security by handling large numbers of
strong and unique passwords without the burden of memorizing them. While users are …
strong and unique passwords without the burden of memorizing them. While users are …
[HTML][HTML] Is cybersecurity research missing a trick? Integrating insights from the psychology of habit into research and practice
The idea that people should form positive security habits is gaining increasing attention
amongst security practitioners. Habit is a well-studied concept in psychology, but the extent …
amongst security practitioners. Habit is a well-studied concept in psychology, but the extent …
Is real-time phishing eliminated with {FIDO}? social engineering downgrade attacks against {FIDO} protocols
FIDO's U2F is a web-authentication mechanism designed to mitigate real-time phishing—an
attack that undermines multi-factor authentication by allowing an attacker to relay second …
attack that undermines multi-factor authentication by allowing an attacker to relay second …