English
Related papers

Related papers: Why Do Developers Get Password Storage Wrong? A Qu…

200 papers

Managing passwords securely and conveniently is still an open problem for many users. Existing research has examined users' password management strategies and identified pain points, such as security concerns, leading to insecure practices.…

Cryptography and Security · Computer Science 2025-10-16 Alexander Ponticello , Filipo Sharevski , Simon Anell , Katharina Krombholz

Pervasive use of software applications continues to challenge user privacy when users interact with software systems. Even though privacy practices such as Privacy by Design (PbD), have clear in- structions for software developers to embed…

Software Engineering · Computer Science 2018-05-28 Awanthika Senarath , Nalin Asanka Gamagedara Arachchilage

This work aims at discussing the complexity aspect of software while demonstrating its relationship with security. Complexity is an essential part of software; however, numerous studies indicate that they increase the vulnerability of the…

Software Engineering · Computer Science 2020-02-18 Mamdouh Alenezi , Mohammad Zarour

Password managers encourage users to generate passwords to improve their security. However, research has shown that users avoid generating passwords, often giving the rationale that it is difficult to enter generated passwords on devices…

Human-Computer Interaction · Computer Science 2024-09-06 John Sadik , Scott Ruoti

Due to non-experts also developing security relevant applications it is necessary to support them too. Some improvements in the current research may not reach or impact these developers. Nonetheless these developers use security libraries.…

Cryptography and Security · Computer Science 2016-03-24 Kai Mindermann

Considering computer systems, security is the major concern with usability. Security policies need to be developed to protect information from unauthorized access. Passwords and secrete codes used between users and information systems for…

Cryptography and Security · Computer Science 2014-02-27 Sharayu A. Aghav , RajneeshKaur Bedi

Open Source Software (OSS) security and resilience are worldwide phenomena hampering economic and technological innovation. OSS vulnerabilities can cause unauthorized access, data breaches, network disruptions, and privacy violations,…

Software Engineering · Computer Science 2024-01-17 Nafis Tanveer Islam , Gonzalo De La Torre Parra , Dylan Manual , Murtuza Jadliwala , Peyman Najafirad

Text password has served as the most popular method for user authentication so far, and is not likely to be totally replaced in foreseeable future. Password authentication offers several desirable properties (e.g., low-cost, highly…

Cryptography and Security · Computer Science 2022-12-27 Lam Tran , Thuc Nguyen , Changho Seo , Hyunil Kim , Deokjai Choi

The aim of this work is to study the evolution of password selection among users. We investigate whether users follow best practices when selecting passwords and identify areas in need of improvement. Four distinct publicly-available…

Cryptography and Security · Computer Science 2018-04-12 Theodosis Mourouzis , Kyriacos E. Pavlou , Stylianos Kampakis

Password users frequently employ passwords that are too simple, or they just reuse passwords for multiple websites. A common complaint is that utilizing secure passwords is too difficult. One possible solution to this problem is to use a…

Cryptography and Security · Computer Science 2019-06-04 Elan Rosenfeld , Santosh Vempala , Manuel Blum

Formal verification has recently been increasingly used to prove the correctness and security of many applications. It is attractive because it can prove the absence of errors with the same certainty as mathematicians proving theorems.…

Cryptography and Security · Computer Science 2025-09-09 Carolina Carreira , João F. Ferreira , Alexandra Mendes , Nicolas Christin

Passwords are a good idea, in theory. They have the potential to act as a fairly strong gateway. In practice though, passwords are plagued with problems. They are (1) easily shared, (2) trivial to observe and (3) maddeningly elusive when…

Cryptography and Security · Computer Science 2015-08-25 Joseph Maguire , Karen Renaud

Password updates are a critical account security measure and an essential part of the password lifecycle. Service providers and common security recommendations advise users to update their passwords in response to incidents or as a critical…

Cryptography and Security · Computer Science 2025-11-17 Alexander Krause , Jacques Suray , Lea Schmüser , Marten Oltrogge , Oliver Wiese , Maximilian Golla , Sascha Fahl

Although it is common for users to select bad passwords that can be easily cracked by attackers, password-based authentication remains the most widely-used method. To encourage users to select good passwords, enterprises often enforce…

Cryptography and Security · Computer Science 2015-12-21 Cem S. Sahin , Robert Lychev , Neal Wagner

Users often choose passwords that are easy to remember but also easy to guess by attackers. Recent studies have revealed the vulnerability of textual passwords to shoulder surfing and keystroke loggers. It remains a critical challenge in…

Human-Computer Interaction · Computer Science 2014-07-29 Mahdi Nasrullah Al-Ameen , S M Taiabul Haque , Matthew Wright

Given programming languages can provide different types and levels of security support, it is critically important to consider security aspects while selecting programming languages for developing software systems. Inadequate consideration…

Software Engineering · Computer Science 2021-11-29 Roland Croft , Yongzheng Xie , Mansooreh Zahedi , M. Ali Babar , Christoph Treude

Researchers have extensively explored how password creation policies influence the security and usability of user-chosen passwords, producing evidence-based policy guidelines. However, for web authentication to improve in practice, websites…

Cryptography and Security · Computer Science 2023-09-08 Suood Alroomi , Frank Li

Security is a requirement of utmost importance to produce high-quality software. However, there is still a considerable amount of vulnerabilities being discovered and fixed almost weekly. We hypothesize that developers affect the…

Software Engineering · Computer Science 2021-09-14 Sofia Reis , Rui Abreu , Luis Cruz

Leaked passwords from data breaches can pose a serious threat to users if the password is reused elsewhere. With more online services getting breached today, there is still a lack of large-scale quantitative understanding of the risks of…

Cryptography and Security · Computer Science 2017-06-09 Chun Wang , Steve T. K. Jan , Hang Hu , Gang Wang

Reusing passwords across multiple websites is a common practice that compromises security. Recently, Blum and Vempala have proposed password strategies to help people calculate, in their heads, passwords for different sites without…

Human-Computer Interaction · Computer Science 2018-05-28 Samira Samadi , Santosh Vempala , Adam Tauman Kalai