Learn More
We introduce context-aware scalable authentication (CASA) as a way of balancing security and usability for authentication. Our core idea is to combine a number of passive factors for authentication (e.g., a user's current location) with appropriate active factors. In this paper, we provide a probabilistic framework for dynamically selecting an active(More)
  • Eiji Hayashi, Cmu Cylab, Japan Nicolas, Christin Cmu, Cylab Japan, Rachna Dhamija +1 other
  • 2007
As small mobile devices such as mobile phones become increasingly sophisticated, they are beginning to be used for highly security-sensitive applications such as payment systems, stock trading, and access control systems. The increasing importance of mobile phones exposes the tremendous lack of access control systems that restrict access to the legitimate(More)
Passwords are the most common authentication scheme today. However, it is difficult for people to memorize strong passwords, such as random sequences of characters. Additionally, passwords do not provide protection against phishing attacks. This paper introduces WebTicket, a low cost, easy-to-use and reliable web account management system that uses "(More)
  • Eiji Hayashi, Oriana Riva, Karin Strauss, A J Bernheim Brush, Stuart Schechter
  • 2012
Most mobile phones and tablets support only two access control device states: locked and unlocked. We investigated how well all-or-nothing device access control meets the need of users by interviewing 20 participants who had both a smartphone and tablet. We find all-or-nothing device access control to be a remarkably poor fit with users' preferences. On(More)
While past work has examined password usage on a specific computer, web site, or organization, there is little work examining overall password usage in daily life. Through a diary study, we examine all usage of passwords, and offer some new findings based on quantitative analyses regarding how often people log in, where they log in, and how frequently(More)
  • 1