Our comprehensive survey of graphical passwords is now available as a technical report: It is available here: Graphical Passwords: Learning from the First Twelve Years … [Read more...] about Comprehensive survey of graphical passwords
MVP technical report posted
We have posted a new technical report on our MVP web-based authentication framework and the initial user studies that used it as an experimental platform. It is available here: The MVP Web-Based Authentication Framework … [Read more...] about MVP technical report posted
ACSAC 2010
We've just returned from ACSAC 2010 in Austin, Texas. What a change from the winter weather in Canada! Another highlight was the "Security blankets" that they gave us instead of the usual conference bag. Elizabeth presented our paper on the first day. It was the only usable security paper at the conference, but there was lots of audience interest and questions. Tom Longstaff's invited talk about the experimental process and the importance of gathering real data resulted in lively … [Read more...] about ACSAC 2010
10-year CRC event in Toronto
I attended the 10th-anniversary Canada Research Chair event in Toronto with Paul and other CRCs from Carleton. A lot of the CRCs from Ontario and their students/postdocs attended the 2-day event showcasing research in Canada. Everyone had posters, ours was on usable authentication. It was interesting to see the wide spectrum of research topics - humanities, technology, engineering, sciences - it was all represented. … [Read more...] about 10-year CRC event in Toronto
FC'11 Workshop on User Authentication
We are organizing a workshop on user authentication, co-located with Financial Cryptography 2011 in St. Lucia on March 4, 2011. The workshop will consist of invited talks and expert panels. A preliminary program is available and will be updated as details are finalized. Workshop on The Future of User Authentication and Authorization on the Web: Challenges in Current Practice, New Threats, and Research Directions Friday, March 4, 2011 --- St. Lucia … [Read more...] about FC'11 Workshop on User Authentication
Looking for game programmer
We are currently looking for people to work on a web-based serious game about computer security. If you think you have the required software design and programming skills, please contact me. … [Read more...] about Looking for game programmer
ACSAC paper now available
The camera-ready version of our upcoming ACSAC 2010 paper is now available. … [Read more...] about ACSAC paper now available
ACSAC 2010 paper
We recently received the good news that our paper on "Exploring Usability Effects of Increasing Security in Click-based Graphical Passwords" was accepted at ACSAC 2010. Elizabeth will be presenting it in Texas in December. A copy of the final ACSAC version of the paper will be posted shortly. … [Read more...] about ACSAC 2010 paper
PST 2010
Last week, IEEE's Privacy, Security, Trust conference (PST) was held here in Ottawa. The talks were an interesting mix ranging from very technical to public policy topics. I taught a half-day tutorial introducing usable security and how to run usability evaluations. We had a paper on using eye-gaze as a tool to predict likely click-based graphical password click-points: Guessing Click-Based Graphical Passwords by Eye Tracking (2010). Daniel LeBlanc, Alain Forget, Robert Biddle. … [Read more...] about PST 2010
ISSNet Summer School
After SOUPS, we went directly to Vancouver for the 2nd annual ISSNet Summer School held at UBC. We had a week of tutorials on different security topics, with lots of opportunity to get to know the other members of ISSNet. Our UBC hosts were great, and organized lots of social events around the technical program. … [Read more...] about ISSNet Summer School