• Publications
  • Influence
A large-scale study of web password habits
We report the results of a large scale study of password use andpassword re-use habits. The study involved half a million users over athree month period. A client component on users' machinesExpand
  • 1,001
  • 99
  • PDF
Wavelets and filter banks: theory and design
The wavelet transform is compared with the more classical short-time Fourier transform approach to signal analysis. Then the relations between wavelets, filter banks, and multiresolution signalExpand
  • 1,772
  • 57
Analyzing and Improving a BitTorrent Networks Performance Mechanisms
In recent years, BitTorrent has emerged as a very scalable peer-to-peer file distribution mechanism. While early measurement and analytical studies have verified BitTorrent’s performance, they haveExpand
  • 484
  • 48
  • PDF
So long, and no thanks for the externalities: the rational rejection of security advice by users
  • C. Herley
  • Computer Science
  • NSPW '09
  • 8 September 2009
It is often suggested that users are hopelessly lazy and unmotivated on security questions. They chose weak passwords, ignore security warnings, and are oblivious to certificates errors. We argueExpand
  • 488
  • 35
  • PDF
The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes
We evaluate two decades of proposals to replace text passwords for general-purpose user authentication on the web using a broad set of twenty-five usability, deployability and security benefits thatExpand
  • 482
  • 31
  • PDF
Analyzing and Improving BitTorrent Performance
In recent years, BitTorrent has emerged as a very popular and scalable peer-to-peer file distribution mechanism. It has been successful at distributing large files quickly and efficiently withoutExpand
  • 206
  • 21
  • PDF
Nobody Sells Gold for the Price of Silver: Dishonesty, Uncertainty and the Underground Economy
The underground economy has attracted a lot of attention recently as a key component of cybercrime. In particular the IRC markets for stolen identities, phishing kits, botnets, and cybercrime relatedExpand
  • 153
  • 18
  • PDF
Does my password go up to eleven?: the impact of password meters on password selection
Password meters tell users whether their passwords are "weak" or "strong." We performed a laboratory experiment to examine whether these meters influenced users' password selections when they wereExpand
  • 175
  • 17
  • PDF
Where do security policies come from?
We examine the password policies of 75 different websites. Our goal is understand the enormous diversity of requirements: some will accept simple six-character passwords, while others impose rules ofExpand
  • 154
  • 17
  • PDF
An Administrator's Guide to Internet Password Research
The research literature on passwords is rich but little of it directly aids those charged with securing web-facing services or setting policies. With a view to improving this situation we examineExpand
  • 122
  • 16
  • PDF