, The tangled web of password reuse, NDSS, vol.14, pp.23-26, 2014.
, The security risks of using "forgot my password" to manage passwords, pp.2017-2029, 2016.
, Secure human identification protocols, International Conference on the Theory and Application of Cryptology and Information Security, pp.52-66, 2001.
, Naturally rehearsing passwords, International Conference on the Theory and Application of Cryptology and Information Security, pp.361-380, 2013.
, Publishable humanly usable secure password creation schemas, 3rd AAAI Conference on Human Computation and Crowdsourcing, 2015.
, oPass: A user authentication protocol resistant to password stealing and password reuse attacks, IEEE Transactions on Information Forensics and Security, vol.7, issue.2, pp.651-663, 2012.
, Towards human computable passwords, 8th Innovations in Theoretical Computer Science Conference -ITCS 2017, 2017.
, Passwords decay, words endure: Secure and re-usable multiple password mnemonics, Proceedings of the 2007 ACM Symposium on Applied Computing, ser. SAC '07, pp.292-299, 2007.
, Centrify password survey: Summary, Centrify, Tech. Rep, 2014.
, Psychology of passwords survey, Lastpass, Tech. Rep, 2016.
, An analysis on vulnerabilities of password retrying, 5th International Conference on Software Engineering & Computer System, 2017.
, Death by a thousand facts: Criticising the technocratic approach to information security awareness, Information Management & Computer Security, vol.20, issue.1, pp.29-38, 2012.
, User preference of cyber security awareness delivery methods, Behaviour & Information Technology, vol.33, issue.3, pp.237-248, 2014.
, Why do people adopt, or reject, smartphone password managers, Proceedings of EuroUSEC, 2016.
, Password portfolios and the finite-effort user: Sustainably managing large numbers of accounts, 23rd USENIX Security Symposium, pp.575-590, 2014.
, Improving compliance with password guidelines: How user perceptions of passwords and security threats affect compliance with guidelines, 47th Hawaii International Conference on System Sciences -HICSS, vol.00, pp.3188-3197, 2014.
, The role of a mental model in learning to operate a device, Cognitive Science, vol.8, issue.3, pp.255-273, 1984.
, Can long passwords be secure and usable, Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, ser. CHI '14, pp.2927-2936, 2014.
, Of passwords and people: Measuring the effect of password-composition policies, Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, ser. CHI '11, pp.2595-2604, 2011.
, Password management strategies for online accounts, Proceedings of the Second Symposium on Usable Privacy and Security, ser. SOUPS '06, pp.44-55, 2006.
, The emperor's new password manager: Security analysis of web-based password managers, 23rd USENIX Security Symposium, pp.465-479, 2014.
, How biometric authentication poses new challenges to our security and privacy, IEEE Signal Processing Magazine, vol.34, issue.4, pp.196-194, 2017.
, A survey on biometrics and cancelable biometrics systems, International Journal of Image and Graphics, vol.18, p.1850006, 2018.
, The quest to replace passwords: A framework for comparative evaluation of web authentication schemes, IEEE Symposium on Security and Privacy, pp.553-567, 2012.
, Human selection of mnemonic phrase-based passwords, Proceedings of the second symposium on Usable privacy and security, pp.67-78, 2006.
, Four methods to create a secure password you'll actually remember, pp.2017-2029, 2014.
, The complexity of human computation: A concrete model with an application to passwords, CoRR, 2017.
, Usability of humanly computable passwords, 6th AAAI Conference on Human Computation and Crowdsourcing, 2018.
, Improving security and usability with guided word choice, 34th Annual Computer Security Applications Conference -ACSAC, 2018.
URL : https://hal.archives-ouvertes.fr/hal-01781233
, Natural language corpus data, pp.219-242, 2009.
, Extension of zipf's law to words and phrases, Proceedings of the 19th International Conference on Computational Linguistics, vol.1, pp.1-6, 2002.
, Rfc4086: Randomness requirements for security, 2005.
, Amazon AWS S3 cost calculator, Amazon, pp.2017-2029, 2018.
, NIST special publication 800-63-3, Digital Identity Guidelines, vol.1, 2017.
, Password cards, pp.2017-2029, 2010.
, Time for password expiration to die, 2019.
, User behaviors and attitudes under password expiration policies, Fourteenth Symposium on Usable Privacy and Security ({SOUPS} 2018), pp.13-30, 2018.
, Moving to client-sided hashing for online authentication, Workshop on Socio-Technical Aspects in Security and Trust -STAST, 2019.
, The magical number seven, plus or minus two: some limits on our capacity for processing information, Psychological review, vol.63, issue.2, p.81, 1956.
, Usability: low tech, high security, 2019.
URL : https://hal.archives-ouvertes.fr/tel-02446324