English
Related papers

Related papers: Keep your memory dump shut: Unveiling data leaks i…

200 papers

To encourage users to use stronger and more secure passwords, modern web browsers offer users password management services, allowing users to save previously entered passwords locally onto their hard drives. We present Lupin, a tool that…

Cryptography and Security · Computer Science 2013-09-06 Raul Gonzalez , Eric Y. Chen , Collin Jackson

Password updates are a critical account security measure and an essential part of the password lifecycle. Service providers and common security recommendations advise users to update their passwords in response to incidents or as a critical…

Cryptography and Security · Computer Science 2025-11-17 Alexander Krause , Jacques Suray , Lea Schmüser , Marten Oltrogge , Oliver Wiese , Maximilian Golla , Sascha Fahl

Vulnerabilities in password managers are unremitting because current designs provide large attack surfaces, both at the client and server. We describe and evaluate Horcrux, a password manager that is designed holistically to minimize and…

Cryptography and Security · Computer Science 2017-10-11 Hannah Li , David Evans

Like most modern software, secure messaging apps rely on third-party components to implement important app functionality. Although this practice reduces engineering costs, it also introduces the risk of inadvertent privacy breaches due to…

Cryptography and Security · Computer Science 2024-07-16 Nikita Samarin , Alex Sanchez , Trinity Chung , Akshay Dan Bhavish Juleemun , Conor Gilsenan , Nick Merrill , Joel Reardon , Serge Egelman

Password managers encourage users to generate passwords to improve their security. However, research has shown that users avoid generating passwords, often giving the rationale that it is difficult to enter generated passwords on devices…

Human-Computer Interaction · Computer Science 2024-09-06 John Sadik , Scott Ruoti

Application authentication is typically performed using some form of secret credentials such as cryptographic keys, passwords, or API keys. Since clients are responsible for securely storing and managing the keys, this approach is…

Cryptography and Security · Computer Science 2022-11-24 Mihai Christodorescu , Maliheh Shirvanian , Shams Zawoad

Credential theft and remote attacks are the most serious threats to user authentication mechanisms. The crux of these problems is that we cannot control such behaviors. However, if a password does not contain user secrets, stealing it is…

Cryptography and Security · Computer Science 2024-06-03 Suyun Borjigin

Application programming interfaces (APIs) have become a central part of the modern IT environment, allowing developers to enrich the functionality of applications and interact with third parties such as cloud and payment providers. This…

Cryptography and Security · Computer Science 2026-03-17 Nurullah Demir , Yash Vekaria , Georgios Smaragdakis , Zakir Durumeric

Since the demise of the password was predicted in 2004, different attempts in industry and academia have been made to create an alternative for the use of passwords in authentication, without compromising on security and user experience.…

Cryptography and Security · Computer Science 2023-12-06 Tunde Oduguwa , Abdullahi Arabo

Users often choose passwords that are easy to remember but also easy to guess by attackers. Recent studies have revealed the vulnerability of textual passwords to shoulder surfing and keystroke loggers. It remains a critical challenge in…

Human-Computer Interaction · Computer Science 2014-07-29 Mahdi Nasrullah Al-Ameen , S M Taiabul Haque , Matthew Wright

System prompts are widely used to guide the outputs of large language models (LLMs). These prompts often contain business logic and sensitive information, making their protection essential. However, adversarial and even regular user queries…

Cryptography and Security · Computer Science 2025-08-28 Zhifeng Jiang , Zhihua Jin , Guoliang He

Human memory is not perfect - people constantly memorize new facts and forget old ones. One example is forgetting a password, a common problem raised at IT help desks. We present several protocols that allow a user to automatically recover…

Cryptography and Security · Computer Science 2009-06-26 Łukasz Chmielewski , Jaap-Henk Hoepman , Peter van Rossum

Using the computational resources of an untrusted third party to crack a password hash can pose a high number of privacy and security risks. The act of revealing the hash digest could in itself negatively impact both the data subject who…

Cryptography and Security · Computer Science 2023-06-16 Norbert Tihanyi , Tamas Bisztray , Bertalan Borsos , Sebastien Raveau

LLM-powered applications routinely embed secrets in system prompts, yet models can be tricked into revealing them. We built an adaptive attacker that evolves its strategies over hundreds of rounds and tested it against nine defense…

Cryptography and Security · Computer Science 2026-05-14 Priyal Deep , Shane Emmons , Amy Fox , Kyle Bacon , Kelley McAllister , Peter Ortiz , Krisztian Flautner

Web services commonly employ Content Distribution Networks (CDNs) for performance and security. As web traffic is becoming 100% HTTPS, more and more websites allow CDNs to terminate their HTTPS connections. This practice may expose a…

Cryptography and Security · Computer Science 2023-02-02 Rui Xin , Shihan Lin , Xiaowei Yang

Considering computer systems, security is the major concern with usability. Security policies need to be developed to protect information from unauthorized access. Passwords and secrete codes used between users and information systems for…

Cryptography and Security · Computer Science 2014-02-27 Sharayu A. Aghav , RajneeshKaur Bedi

For the first time, we report gender bias in people's choice and use of password managers, through a semi-structured interview ($n=18$) and a questionnaire-based survey ($n=200$, conducted `in the wild'). Not only do women and men prefer…

Cryptography and Security · Computer Science 2022-06-29 Jeff Yan , Dearbhla McCabe

As LLM-powered agents are increasingly deployed in edge-cloud environments, personalized memory has become a key enabler of long-term adaptation and user-centric interaction. However, cloud-assisted memory management exposes sensitive user…

Cryptography and Security · Computer Science 2026-05-15 Yining Chen , Jihao Zhao , Bo Tang , Haofen Wang , Yue Zhang , Fei Huang , Feiyu Xiong , Zhiyu Li

Pervasive use of software applications continues to challenge user privacy when users interact with software systems. Even though privacy practices such as Privacy by Design (PbD), have clear in- structions for software developers to embed…

Software Engineering · Computer Science 2018-05-28 Awanthika Senarath , Nalin Asanka Gamagedara Arachchilage

Passwords are a good idea, in theory. They have the potential to act as a fairly strong gateway. In practice though, passwords are plagued with problems. They are (1) easily shared, (2) trivial to observe and (3) maddeningly elusive when…

Cryptography and Security · Computer Science 2015-08-25 Joseph Maguire , Karen Renaud