We are pleased to announce that our recent paper, Why phishing still works: user strategies for combating phishing attacks, will be published in the International Journal of Human Computer Studies. A pre-print will be available shortly. Here is the abstract: We have conducted a user study to assess whether improved browser security indicators and increased awareness of phishing have led to users' improved ability to protect themselves against such attacks. Participants were shown a … [Read more...] about Phishing paper to be published
Journal
new DESI journal article on Password Expiration
We are happy to announce that our journal paper, Quantifying the Security Advantage of Password Expiration Policies, will appear in an upcoming issue of Springer's Designs, Codes and Cryptography. A pre-print authors' copy is available on our publications page. The abstract of the paper is as follows: Many security policies force users to change passwords within fixed intervals, with the apparent justification that this improves overall security. However, the implied security benefit has … [Read more...] about new DESI journal article on Password Expiration
New journal paper
Our journal paper: "User-Centred Authentication Feature Framework", stemming from Alain's PhD thesis, has been accepted for publication in the Information Management and Computer Security journal. It should appear later this year. … [Read more...] about New journal paper
TDSC paper
Our paper: Persuasive Cued Click-Points: Design, implementation, and evaluation of a knowledge-based authentication mechanism has recently been accepted for journal publication in the IEEE Transactions on Dependable and Secure Computing (TDSC). An earlier technical report is currently available and a pre-print of the journal paper will be available shortly. … [Read more...] about TDSC paper
ACM Computing Surveys
Our survey of graphical passwords has been accepted for publication in ACM Computing Surveys. … [Read more...] about ACM Computing Surveys