A. Baddeley and G. J. Hitch, Working memory, pp.47-90, 1974.

J. Blocki and M. Blum, Anupam Datta, and Santosh Vempala. 2014. Towards Human Computable Passwords. arXiv preprint, 2014.

J. Bonneau, The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords, 2012 IEEE Symposium on Security and Privacy, pp.538-552, 2012.
DOI : 10.1109/SP.2012.49

. Doi,

J. Bonneau and E. Shutova, Linguistic Properties of Multi-word Passphrases, International Conference on Financial Cryptography and Data Security, pp.1-12, 2012.
DOI : 10.1007/978-3-642-34638-5_1

S. Brostoff and M. A. Sasse, Are Passfaces More Usable Than Passwords? A Field Trial Investigation, pp.405-424978, 2000.
DOI : 10.1007/978-1-4471-0515-2_27

M. Brysbaert, M. Stevens, P. Mandera, and E. Keuleers, How Many Words Do We Know? Practical Estimates of Vocabulary Size Dependent on Word Definition, the Degree of Language Input and the Participant???s Age, Frontiers in Psychology, vol.27, issue.943, 2016.
DOI : 10.1080/10862969509547878

K. Cao and A. K. Jain, Hacking Mobile Phones Using 2D Printed Fingerprints, 2016.

L. F. and C. , What's wrong with your pa$$word, 2014.

L. F. and C. , Time to rethink mandatory password changes, 2016.

L. Gao and I. Simonson, The positive effect of assortment size on purchase likelihood: The moderating influence of decision order, Journal of Consumer Psychology, vol.34, issue.2, pp.542-549, 2016.
DOI : 10.1086/519293

S. Garfinkel and H. R. Lipford, Usable Security: History, Themes, and Challenges, Synthesis Lectures on Information Security, Privacy, and Trust, vol.4, issue.2, 2014.
DOI : 10.1145/304851.304859

E. I. Le-quan-ha, J. Sicilia-garcia, F. J. Ming, and . Smith, Extension of Zipf's Law to Words and Phrases, Proceedings of the 19th International Conference on Computational Linguistics, 2002.

W. George and . Hartmann, Further evidence on the unexpected large size of recognition vocabularies among college students, Journal of educational psychology, vol.37, issue.7, p.436, 1946.

M. Yasser, W. H. Hausawi, and . Allen, An Assessment Framework for Usable-Security Based on Decision Science, pp.33-44978, 2014.

B. Ives, K. R. Walsh, and H. Schneider, The domino effect of password reuse, Communications of the ACM, vol.47, issue.4, pp.75-78, 2004.
DOI : 10.1145/975817.975820

S. Komanduri, R. Shay, P. G. Kelley, M. L. Mazurek, L. Bauer et al., Of passwords and people, Proceedings of the 2011 annual conference on Human factors in computing systems, CHI '11, pp.2595-2604, 2011.
DOI : 10.1145/1978942.1979321

J. Krantz, , 1998.

C. Kuo, S. Romanosky, and L. F. Cranor, Human selection of mnemonic phrase-based passwords, Proceedings of the second symposium on Usable privacy and security , SOUPS '06, pp.67-78, 2006.
DOI : 10.1145/1143120.1143129

M. Lee, Passphrases that you can memorize ? but that even the NSA can't guess. https://theintercept.com/2015/03/26/passphrases-can- memorize-attackers-cant-guess, 2015.

P. Lipa, The Security Risks of UsingForgot My Password" to Manage Passwords. https://www.stickypassword.com/blog/the-security-risks- of-using-forgot-my-password-to-manage-passwords, 2016.

, Accessed, pp.2017-2029, 2016.

A. George and . Miller, The magical number seven, plus or minus two: some limits on our capacity for processing information, Psychological review, vol.63, issue.2, p.81, 1956.

P. Norvig, Natural language corpus data, Beautiful Data, pp.219-242, 2009.

R. Oldfield, Language: selected readings, 1968.

D. Pilar, A. Jaeger, C. F. Gomes, and L. M. Stein, Passwords Usage and Human Memory Limitations: A Survey across Age and Educational Background, e51067. DOI, 2012.
DOI : 10.1371/journal.pone.0051067.t006
URL : https://journals.plos.org/plosone/article/file?id=10.1371/journal.pone.0051067&type=printable

N. Sigmund and . Porter, A password extension for improved human factors, Computers & Security, vol.1, issue.1, pp.54-56, 1982.

P. Venkata-reddy, A. Kumar, S. Rahman, and T. Singh-mundra, A New Antispoofing Approach for Biometric Devices, pp.4-328, 2008.

V. Ruiz-albacete, P. Tome-gonzalez, F. Alonso-fernandez, J. Galbally, J. Fierrez et al., Direct Attacks Using Fake Images in Iris Verification, pp.181-190978, 2008.
DOI : 10.1109/CCST.2006.313440

S. M. Segreti, W. Melicher, S. Komanduri, D. Melicher, R. Shay et al., Diversify to Survive: Making Passwords Stronger with Adaptive Policies, Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017). USENIX Association, pp.1-12, 2017.

R. Shay, S. Komanduri, A. L. Durity, P. Seyoung, M. L. Huh et al., Can long passwords be secure and usable?, Proceedings of the 32nd annual ACM conference on Human factors in computing systems, CHI '14, pp.2927-2936, 2014.
DOI : 10.1145/2556288.2557377

K. Simoens, P. Tuyls, and B. Preneel, Privacy Weaknesses in Biometric Sketches, 2009 30th IEEE Symposium on Security and Privacy, pp.188-203, 2009.
DOI : 10.1109/SP.2009.24

F. Daniel, A. Smith, B. C. Wiliem, and . Lovell, Face Recognition on Consumer Devices: Reflections on Replay Attacks, IEEE Transactions on Information Forensics and Security, vol.10, pp.736-745, 2015.

U. Topkara, M. J. Atallah, and M. Topkara, Passwords decay, words endure, Proceedings of the 2007 ACM symposium on Applied computing , SAC '07, pp.292-299, 2007.
DOI : 10.1145/1244002.1244072

R. Wash, E. Rader, R. Berman, and Z. Wellmer, Understanding Password Choices: How Frequently Entered Passwords Are Re-used across Websites, Twelfth Symposium on Usable Privacy and Security (SOUPS 2016). USENIX Association, pp.175-188, 2016.

J. Yan, A. Blackwell, R. Anderson, and A. Grant, Password memorability and security: empirical results, IEEE Security & Privacy Magazine, vol.2, issue.5, pp.25-3181, 2004.
DOI : 10.1109/MSP.2004.81

W. Yang, N. Li, O. Chowdhury, A. Xiong, and R. W. Proctor, An Empirical Study of Mnemonic Sentence-based Password Generation Strategies, Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS'16, pp.1216-1229, 2016.
DOI : 10.1016/j.cose.2014.07.003