Learn More
A number of recent scams and security attacks (phishing, spyware, fake terminals, ...) hinge on a crook's ability to <i>observe</i> user behavior. In this paper, we describe the design, implementation, and evaluation of a novel class of user authentication systems that are resilient to observation attacks. Our proposal is the first to rely on the human(More)
Most mobile phones and tablets support only two access control device states: locked and unlocked. We investigated how well all or-nothing device access control meets the need of users by interviewing 20 participants who had both a smartphone and tablet. We find all-or-nothing device access control to be a remarkably poor fit with users' preferences. On(More)
In this paper, we propose and evaluate Use Your Illusion, a novel mechanism for user authentication that is secure and usable regardless of the size of the device on which it is used. Our system relies on the human ability to recognize a degraded version of a previously seen image. We illustrate how distorted images can be used to maintain the usability of(More)
We introduce context-aware scalable authentication (CASA) as a way of balancing security and usability for authentication. Our core idea is to choose an appropriate form of active authentication (e.g., typing a PIN) based on the combination of multiple passive factors (e.g., a user's current location) for authentication. We provide a probabilistic framework(More)
While a large body of research on image-based authentication has focused on memorability, comparatively less attention has been paid to the new security challenges these schemes may introduce. Because images can convey more information than text, image-based authentication may be more vulnerable to educated guess attacks than passwords. In this paper, we(More)
This paper discusses and evaluates two novel multisensory user authentication mechanisms aimed at preventing observation attacks. These mechanisms improve the usability of our previous work by reducing authentication times, and are more suitable for portable and mobile devices. The ability to authenticate users is crucial to most modern information systems.(More)
We introduce context-aware scalable authentication (CASA) as a way of balancing security and usability for authentication. Our core idea is to combine a number of passive factors for authentication (e.g., a user's current location) with appropriate active factors. In this paper, we provide a probabilistic framework for dynamically selecting an active(More)
Fruits and vegetables are rich sources of antioxidants in human diets and their intake is associated with chronic disease prevention. Lettuce (Lactuca sativa L.) is a common vegetable in diets worldwide, but its nutritional content is relatively low. To elucidate the genetic basis of antioxidant content in lettuce, we measured the oxygen radical absorbance(More)