منابع مشابه
Bootstrapping Mobile PINs Using Passwords
We describe a method of deriving PINs from passwords. The method is useful to obtain friction-free user onboarding to mobile platforms. It has significant business benefits to organizations that wish to introduce mobile apps to existing users – but which are reluctant to make the users authenticate with passwords. From the user’s perspective, a PIN is easier to enter than a password, and a deri...
متن کاملMemory-only selection of dictionary PINs
We estimate the security of dictionary-based PINs (Personal Identification Numbers) that a user selects from his/her memory without any additional aids. The estimates take into account the distribution of words in source language. We use established security metrics, such as entropy, guesswork, marginal guesswork and marginal success rate. The metrics are evaluated for various scenarios – aimed...
متن کاملHuman Computable Passwords
An interesting challenge for the cryptography community is to design authentication protocols that are so simple that a human can execute them without relying on a fully trusted computer. We propose several candidate authentication protocols for a setting in which the human user can only receive assistance from a semi-trusted computer—a computer that stores information and performs computations...
متن کاملPasswords Usage and Human Memory Limitations: A Survey across Age and Educational Background
The present article reports a survey conducted to identify the practices on passwords usage, focusing particularly on memory limitations and the use of passwords across individuals with different age and education backgrounds. A total of 263 participants were interviewed, with ages ranging from 18 to 93 years, and education level ranging from grade school to graduate degree. Contrary to our exp...
متن کاملSession - Key Generation using Human Passwords
We present session-key generation protocols in a model where the legitimate parties share only a human-memorizable password. The security guarantee holds with respect to probabilistic polynomial-time adversaries that control the communication channel (between the parties), and may omit, insert and modify messages at their choice. Loosely speaking, the eeect of such an adversary that attacks an ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Digital Evidence and Electronic Signature Law Review
سال: 2014
ISSN: 2054-8508,1756-4611
DOI: 10.14296/deeslr.v6i0.1863