Passwords decay, words endure: Secure and re-usable multiple password mnemonics

Proceedings of the ACM Symposium on Applied Computing

Volumn , Issue , 2007, Pages 292-299

  Topkara, Umut ^a   Atallah, Mikhail J ^a   Topkara, Mercan ^a  

^a Purdue University   (United States)

Author keywords

Authentication; Mnemonic sentence; Natural language processing; Passwords; Usability

Indexed keywords

AUTHENTICATION; DATA STORAGE EQUIPMENT; INTERNET SERVICE PROVIDERS; PORTABLE EQUIPMENT; USABILITY ENGINEERING; USER INTERFACES; WEB BROWSERS;

GRAPHICAL PASSWORDS; HELPER CARDS; MNEMONIC SENTENCES; NATURAL LANGUAGE PROCESSING; PASSWORDS; SMARTCARDS;

SECURITY OF DATA;

EID: 35248853285     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1244002.1244072     Document Type: Conference Paper

References (18)

1. R. Anderson. Why cryptosystems fail. In CCS '93: Proceedings of the 1st ACM Conference on Computer and communications Security, pages 215-227, New York, NY, USA, 1993. ACM Press.
2. R. Bergmair and S. Katzenbeisser. Towards human interactive proofs in the text-domain. In Proceedings of the 7th Information Security Conference, volume 3225, pages 257-267. Springer Verlag, September, 2004.
3. D. C. Feldmeier and P. R. Karp. Unix password security - ten years later. In CRYPTO, pages 44-63, 1989.
4. C. Fellbaum. WordNet: An Electronic Lexical Database. MIT Press, 1998.
5. S. Gaw and E. W. Feiten. Password management strategies for online accounts. In SOUPS '06: Proceedings of the Second Symposium on Usable Privacy and Security, pages 44-55, New York, NY, USA, 2006. ACM Press.
6. S. Jeyaraman and U. Topkara. Have the cake and eat it too - infusing usability into text-password based authentication systems. In ACSAC '05: Proceedings of the 21st Annual Computer Security Applications Conference, pages 473-482, Washington, DC, USA, 2005. IEEE Computer Society.
7. C. Kuo, S. Romanosky, and L. F. Cranor. Human selection of mnemonic phrase-based passwords. In SOUPS '06: Proceedings of the Second Symposium on Usable Privacy and Security, pages 67-78, New York, NY, USA, 2006. ACM Press.
8. G. Miller. Human Memory and the Storage of Information. Information Theory, IEEE Transactions on, 2(3):129-137, 1956.
9. R. Morris and K. Thompson. Password security: A case history. ACM Communcations, 22(11):594-597, 1979.
10. T. Pedersen, S. Patwardhan, and J. Michelizzi. Wordnet::Similarity - Measuring the Relatedness of Concepts. In Proceedings of Fifth Annual Meeting of the NAACL, Boston, MA, May 2004.
11. B. Pinkas and T. Sander. Securing passwords against dictionary attacks. In Proceedings of the ACM Computer and Security Conference, pages 161-170, November, 2002.
12. P. Resnik. Selectional preference and sense disambiguation. In The ACL SIGLEX Workshop on Tagging Text with Lexical Semantics: Why, What, and How?, Washington D.C., USA, April 1997.
13. B. Schneier. Applied Cryptography: Protocols, Algorithms, and Source Code in C. John Wiley & Sons, Inc., New York, NY, USA, 1993.
14. B. Schneier. Write down your password. http://www.schneier.com/blog/ archives/2005/06/write_down.your.html, June 2005.
15. U. Topkara, M. Topkara, and M. J. Atallah. The hiding virtues of ambiguity: Quantifiably resilient watermarking of natural language text through synonym substitutions. In Proceedings of ACM Multimedia and Security Workshop, Geneva, Switzerland, September 26-27, 2006.
16. L. von Ahn, M. Blum, N. Hopper, and J. Langford. Captcha: Using hard ai problems for security. In Proceedings of Eurocrypt, pages 294-311, 2003.
17. K. Winstein. Lexical steganography through adaptive modulation of the word choice hash. In http://www.imsa.edu/keithw/tlex/, 1998.
18. J. Yan, A. Blackwell, R. Anderson, and A. Grant. Password memorability and security: Empirical results. IEEE Security and Privacy, 2:25-31, 2004.