Skip to Main content Skip to Navigation
New interface
Preprints, Working Papers, ...

Cue-Pin-Select, a Secure Mental Password Manager

Abstract : People struggle to invent safe passwords for many of their typical online activities, leading to a variety of security problems when they use overly simple passwords or reuse them multiple times with minor modifications. Having different passwords for each service generally requires password managers or memorable (but weak) passwords, introducing other vulnerabilities. Recent research has offered multiple alternatives but those require either rote memorisation or computation on a physical device. This paper describes a secure and usable solution to this problem that requires no assistance from any physical device. We present the Cue-Pin-Select password family scheme that requires little memorisation and allows users to create and retrieve passwords easily. It uses our natural cognitive abilities to be durable, adaptable to different password requirements, and resistant to attacks, including ones involving plain-text knowledge of some passwords from the family. We include a theoretical analysis of its security according to multiple attack models. Finally, we show the promising results of a small-scale user study that put participants in real-life conditions for multiple days.
Complete list of metadata

Cited literature [40 references]  Display  Hide  Download
Contributor : Enka Blanchard Connect in order to contact the contributor
Submitted on : Tuesday, April 28, 2020 - 7:33:48 AM
Last modification on : Tuesday, September 6, 2022 - 1:27:20 PM


Files produced by the author(s)


  • HAL Id : hal-01781231, version 2


Enka Blanchard, Leila Gabasova, Ted Selker, Eli Sennesh. Cue-Pin-Select, a Secure Mental Password Manager. 2020. ⟨hal-01781231v2⟩



Record views


Files downloads