-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathbibliography.bib
More file actions
148 lines (148 loc) · 6.1 KB
/
bibliography.bib
File metadata and controls
148 lines (148 loc) · 6.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
@article{Estes2017Aug,
author = {Estes, Adam Clark},
title = {{The Guy Who Invented Those Annoying Password Rules Now Regrets
Wasting Your Time}},
journal = {Gizmodo},
year = {2017},
month = 8,
publisher = {Gizmodo},
url =
{https://gizmodo.com/the-guy-who-invented-those-annoying-password-rules-now-1797643987}
}
@misc{ANUSLR,
title = {{Systematic literature reviews}},
journal = {ANU},
year = {2020},
month = 7,
note = {[Online; accessed 11. Sep. 2023]},
url =
{https://www.anu.edu.au/students/academic-skills/research-writing/literature-reviews/systematic-literature-reviews}
}
@misc{ElsevierSLR,
title = {{Systematic Literature Review or Literature Review {$\vert$}
Elsevier}},
journal = {Elsevier Author Services - Articles},
year = {2023},
month = 8,
note = {[Online; accessed 11. Sep. 2023]},
url =
{https://scientific-publishing.webshop.elsevier.com/research-process/systematic-literature-review-or-literature-review}
}
@TechReport{GuessingHumanChosenSecrets2012,
author = {Bonneau, Joseph},
title = {{Guessing human-chosen secrets}},
year = 2012,
month = may,
url = {https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-819.pdf},
institution = {University of Cambridge, Computer Laboratory},
doi = {10.48456/tr-819},
number = {UCAM-CL-TR-819}
}
@inproceedings{OfPasswordsAndPeople,
author={Komanduri, Saranga and
Shay, Richard and
Kelley, Patrick Gage and
Mazurek, Michelle L. and
Bauer, Lujo and
Christin Nicolas and
Cranor, Lorrie Faith and
Egelman, Serge},
title={Of passwords and people:
Measuring the effect of password-composition policies},
booktitle={CHI},
year={2011},
URL={http://cups.cs.cmu.edu/rshay/pubs/passwords_and_people2011.pdf},
}
@inproceedings{CanLongPasswordsBeSecureAndUsable,
title={Can long passwords be secure and usable?},
author={Shay, Richard and
Komanduri, Saranga and
Durity, Adam L and
Huh, Phillip Seyoung and
Mazurek, Michelle L and
Segreti, Sean M and
Ur, Blase and
Bauer, Lujo and
Christin, Nicolas and
Cranor, Lorrie Faith},
booktitle={Proceedings of the 32nd annual ACM conference on Human factors
in computing systems},
pages={2927--2936},
year={2014},
organization={ACM},
URL={http://lorrie.cranor.org/pubs/longpass-chi2014.pdf},
}
@article{GraphicalPasswordsSurvey,
author = {Biddle, Robert and Chiasson, Sonia and Van Oorschot, P.C.},
title = {Graphical Passwords: Learning from the First Twelve Years},
year = {2012},
issue_date = {August 2012},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
volume = {44},
number = {4},
issn = {0360-0300},
doi = {10.1145/2333112.2333114},
abstract = {Starting around 1999, a great many graphical password schemes
have been proposed as alternatives to text-based password
authentication. We provide a comprehensive overview of published
research in the area, covering both usability and security
aspects as well as system evaluation. The article first
catalogues existing approaches, highlighting novel features of
selected schemes and identifying key usability or security
advantages. We then review usability requirements for
knowledge-based authentication as they apply to graphical
passwords, identify security threats that such systems must
address and review known attacks, discuss methodological issues
related to empirical evaluation, and identify areas for further
research and improved methodology.},
journal = {ACM Comput. Surv.},
month = {sep},
articleno = {19},
numpages = {41},
keywords = {Authentication, graphical passwords, usable security}
}
@article{SLRinIS,
title={Achieving rigor in literature reviews: Insights from qualitative
data analysis and tool-support},
author={Bandara, Wasana and Furtmueller, Elfi and Gorbacheva, Elena and
Miskon, Suraya and Beekhuyzen, Jenine},
journal={Communications of the Association for Information systems},
volume={37},
number={1},
pages={8},
year={2015}
}
@inproceedings{WhyPhishingWorks,
author = {Dhamija, Rachna and Tygar, J. D. and Hearst, Marti},
title = {Why Phishing Works},
year = {2006},
isbn = {1595933727},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
doi = {10.1145/1124772.1124861},
abstract = {To build systems shielding users from fraudulent (or phishing)
websites, designers need to know which attack strategies work and
why. This paper provides the first empirical evidence about which
malicious strategies are successful at deceiving general users.
We first analyzed a large set of captured phishing attacks and
developed a set of hypotheses about why these strategies might
work. We then assessed these hypotheses with a usability study in
which 22 participants were shown 20 web sites and asked to
determine which ones were fraudulent. We found that 23\% of the
participants did not look at browser-based cues such as the
address bar, status bar and the security indicators, leading to
incorrect choices 40\% of the time. We also found that some
visual deception attacks can fool even the most sophisticated
users. These results illustrate that standard security indicators
are not effective for a substantial fraction of users, and
suggest that alternative approaches are needed.},
booktitle = {Proceedings of the SIGCHI Conference on Human Factors in
Computing Systems},
pages = {581–590},
numpages = {10},
keywords = {why phishing works, phishing, security usability, phishing user
study},
location = {Montr\'{e}al, Qu\'{e}bec, Canada},
series = {CHI '06}
}