Learn More
A number of recent scams and security attacks (phishing, spyware, fake terminals, ...) hinge on a crook's ability to <i>observe</i> user behavior. In this paper, we describe the design, implementation, and evaluation of a novel class of user authentication systems that are resilient to observation attacks. Our proposal is the first to rely on the human(More)
Most mobile phones and tablets support only two access control device states: locked and unlocked. We investigated how well all or-nothing device access control meets the need of users by interviewing 20 participants who had both a smartphone and tablet. We find all-or-nothing device access control to be a remarkably poor fit with users' preferences. On(More)
In this paper, we propose and evaluate Use Your Illusion, a novel mechanism for user authentication that is secure and usable regardless of the size of the device on which it is used. Our system relies on the human ability to recognize a degraded version of a previously seen image. We illustrate how distorted images can be used to maintain the usability of(More)
We introduce context-aware scalable authentication (CASA) as a way of balancing security and usability for authentication. Our core idea is to choose an appropriate form of active authentication (e.g., typing a PIN) based on the combination of multiple passive factors (e.g., a user's current location) for authentication. We provide a probabilistic framework(More)
While a large body of research on image-based authentication has focused on memorability, comparatively less attention has been paid to the new security challenges these schemes may introduce. Because images can convey more information than text, image-based authentication may be more vulnerable to educated guess attacks than passwords. In this paper, we(More)
Passwords are the most common authentication scheme today. However, it is difficult for people to memorize strong passwords, such as random sequences of characters. Additionally, passwords do not provide protection against phishing attacks. This paper introduces WebTicket, a low cost, easy-to-use and reliable web account management system that uses(More)
Fruits and vegetables are rich sources of antioxidants in human diets and their intake is associated with chronic disease prevention. Lettuce (Lactuca sativa L.) is a common vegetable in diets worldwide, but its nutritional content is relatively low. To elucidate the genetic basis of antioxidant content in lettuce, we measured the oxygen radical absorbance(More)
Time is a difficult concept for parents to communicate with young children. We developed TimeBlocks, a novel tangible, playful object to facilitate communication about concepts of time with young children. TimeBlocks consists of a set of cubic blocks that function as a physical progress bar. Parents and children can physically manipulate the blocks to(More)
We explore how well the intersection between our own everyday memories and those captured by our smartphones can be used for what we call autobiographical authentication-a challenge-response authentication system that queries users about day-to-day experiences. Through three studies-two on MTurk and one field study-we found that users are good, but make(More)