Authentication
Slides
Handout
Required Reading
One of:
- Joseph Bonneau. The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords. In Proceedings of IEEE SP 2012.
- Blase Ur, Felicia Alfieri, Maung Aung, Lujo Bauer, Nicolas Christin, Jessica Colnago, Lorrie Faith Cranor, Henry Dixon, Pardis Emami Naeini, Hana Habib, Noah Johnson, William Melicher. Design and Evaluation of a Data-Driven Password Meter. In Proceedings of CHI 2017.
Also, one of:
- NIST SP 800-63-4 Section 3.1.1.
- NIST proposes barring some of the most nonsensical password rules by Dan Goodin (Ars Technica)
Learning Outcomes
Topics
- Passwords
- Types of authentication
- Entropy
Understand
- Authentication is not just about identity
- Entropy as a measure of security
- How people and computers authenticate differently
Apply
- Look up the password rules for a website you use often. How do those rules match what we learned in class?
Additional Resources
News
- A New Form of Verification on Bluesky - explanation of blue checkmark “verified accounts”
Laws, regulations, and guidance
- Password administration for system owners by the National Cyber Security Center of the United Kingdom - one of the first countries to officially advocate for user-friendly password rules
Research Papers
- Dinei Florencio et al. Pushing on String: The “Don’t Care” Region of Password Strength. Commun. ACM 59, 11 (November 2016), 66–74.
- Adams, Anne, and Martina Angela Sasse. “Users are not the enemy.” Communications of the ACM 42.12 (1999): 40-46.
- Bonneau, Joseph, et al. “The quest to replace passwords: A framework for comparative evaluation of web authentication schemes.” 2012 IEEE Symposium on Security and Privacy. IEEE, 2012.
- Ur, Blase, et al. “How does your password measure up? The effect of strength meters on password creation.” 21st USENIX security symposium (USENIX Security 12). 2012.
- Ur, Blase, et al. “Do users’ perceptions of password security match reality?” Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems. 2016.
- Wolf, Flynn, Ravi Kuber, and Adam J. Aviv. “‘Pretty Close to a Must-Have’ Balancing Usability Desire and Security Concern in Biometric Adoption.” Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems. 2019.