English
Related papers

Related papers: Why Do Developers Get Password Storage Wrong? A Qu…

200 papers

Lack of usability of security Application Programming In- terfaces (APIs) is one of the main reasons for mistakes that programmers make that result in security vulnerabilities in software applications they develop. Especially, APIs that…

Cryptography and Security · Computer Science 2018-05-25 Chamila Wijayarathna , Nalin Asanka Gamagedara Arachchilage

Does the act of writing a specification (how the code should behave) for a piece of security sensitive code lead to developers producing more secure code? We asked 138 developers to write a snippet of code to store a password: Half of them…

Cryptography and Security · Computer Science 2021-02-22 Joseph Hallett , Nikhil Patnaik , Benjamin Shreeve , Awais Rashid

Usability issues that exist in security APIs cause programmers to embed those security APIs incorrectly to the applications they develop. This results in introduction of security vulnerabilities to those applications. One of the main…

Cryptography and Security · Computer Science 2017-06-13 Chamila Wijayarathna , Nalin Asanka Gamagedara Arachchilage , Jill Slay

Despite their well-known security problems, passwords are still the incumbent authentication method for virtually all online services. To remedy the situation, end-users are very often referred to password managers as a solution to the…

Cryptography and Security · Computer Science 2017-12-27 Sanam Ghorbani Lyastani , Michael Schilling , Sascha Fahl , Sven Bugiel , Michael Backes

Typical users are known to use and reuse weak passwords. Yet, as cybersecurity concerns continue to rise, understanding the password practices of software developers becomes increasingly important. In this work, we examine developers'…

Software Engineering · Computer Science 2023-07-04 Nikolaos Lykousas , Constantinos Patsakis

Usable and secure authentication on the web and beyond is mission-critical. While password-based authentication is still widespread, users have trouble dealing with potentially hundreds of online accounts and their passwords. Alternatives…

Cryptography and Security · Computer Science 2023-11-28 Jan H. Klemmer , Marco Gutfleisch , Christian Stransky , Yasemin Acar , M. Angela Sasse , Sascha Fahl

Nowadays, advanced security mechanisms exist to protect data, systems, and networks. Most of these mechanisms are effective, and security experts can handle them to achieve a sufficient level of security for any given system. However, most…

Cryptography and Security · Computer Science 2015-06-25 Hans-Joachim Hof

Nowadays, advanced security mechanisms exist to protect data, systems, and networks. Most of these mechanisms are effective, and security experts can handle them to achieve a sufficient level of security for any given system. However, most…

Cryptography and Security · Computer Science 2015-06-24 Hans-Joachim Hof

Passphrases offer an alternative to traditional passwords which aim to be stronger and more memorable. However, users tend to choose short passphrases with predictable patterns that may reduce the security they offer. To explore the…

Cryptography and Security · Computer Science 2021-10-19 Christopher Bonk , Zach Parish , Julie Thorpe , Amirali Salehi-Abari

Increasing number of cyber-attacks demotivate people to use Information and Communication Technology (ICT) for industrial as well as day to day work. A main reason for the increasing number of cyber-attacks is mistakes that programmers make…

Cryptography and Security · Computer Science 2018-10-12 Chamila Wijayarathna , Nalin Asanka Gamagedara Arachchilage

Software security is of utmost importance for most software systems. Developers must systematically select, plan, design, implement, and especially, maintain and evolve security features -- functionalities to mitigate attacks or protect…

Software Engineering · Computer Science 2025-09-30 Kevin Hermann , Sven Peldszus , Jan-Philipp Steghöfer , Thorsten Berger

Modern web and digital application password storage relies on password hashing for storage and security. Ad-hoc upgrade of password storage to keep up with hash algorithm norms may be used to save costs but can introduce unforeseen…

Cryptography and Security · Computer Science 2025-10-15 Thomas Rivasseau

A password composition policy restricts the space of allowable passwords to eliminate weak passwords that are vulnerable to statistical guessing attacks. Usability studies have demonstrated that existing password composition policies can…

Cryptography and Security · Computer Science 2013-02-26 Jeremiah Blocki , Saranga Komanduri , Ariel Procaccia , Or Sheffet

Over the years security experts in the field of Information Technology have had a tough time in making passwords secure. This paper studies and takes a careful look at this issue from the angle of philosophy and cognitive science. We have…

Cryptography and Security · Computer Science 2009-09-15 M Atif Qureshi , Arjumand Younus , Arslan Ahmed Khan

Password managers have the potential to help users more effectively manage their passwords and address many of the concerns surrounding password-based authentication, however prior research has identified significant vulnerabilities in…

Cryptography and Security · Computer Science 2019-12-11 Sean Oesch , Scott Ruoti

In this work we analyse five popular commercial password managers for security vulnerabilities. Our analysis is twofold. First, we compile a list of previously disclosed vulnerabilities through a comprehensive review of the academic and…

Cryptography and Security · Computer Science 2020-03-18 Michael Carr , Siamak F. Shahandashti

Prior research has shown that cryptography is hard to use for developers. We aim to understand what cryptography issues developers face in practice. We clustered 91954 cryptography-related questions on the Stack Overflow website, and…

Cryptography and Security · Computer Science 2021-08-17 Mohammadreza Hazhirpasand , Oscar Nierstrasz , Mohammadhossein Shabani , Mohammad Ghafari

Programmers use security APIs to embed security into the applications they develop. Security vulnerabilities get introduced into those applications, due to the usability issues that exist in the security APIs. Improving usability of…

Cryptography and Security · Computer Science 2017-03-30 Chamila Wijayarathna , Nalin A. G. Arachchilage , Jill Slay

We introduce quantitative usability and security models to guide the design of password management schemes --- systematic strategies to help users create and remember multiple passwords. In the same way that security proofs in cryptography…

Cryptography and Security · Computer Science 2013-09-11 Jeremiah Blocki , Manuel Blum , Anupam Datta

Security holds an important role in a software. Most people are not aware of the significance of security in software system and tend to assume that they will be fine without security in their software systems. However, the lack of security…

Software Engineering · Computer Science 2020-12-25 Ariessa Davaindran Lingham , Nelson Tang Kwong Kin , Chen Wan Jing , Chong Heng Loong , Fatima-tuz-Zahra
‹ Prev 1 2 3 10 Next ›