Abstract
MVP is a framework allowing websites to use diverse knowledge-based authentication schemes. One application is its use in conducting ecologically valid user studies of authentication under the same experimental conditions. We introduce MVP and its key characteristics, discuss several authentication schemes, and offer lessons learned from running 9 hybrid (lab/online) and 3 MTurk user studies over the last year.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Amazon Mechanical Turk, https://www.mturk.com
Crowdflower, http://crowdflower.com/
GrIDsure corporate website, http://www.gridsure.com
LimeSurvey: The open source survey application, http://www.limesurvey.org
Passfaces Corporation, http://www.passfaces.com/
Beautement, A., Sasse, A.M.: Gathering realistic authentication performance data through field trials. In: SOUPS USER Workshop (2010)
Biddle, R., Chiasson, S., van Oorschot, P.C.: Graphical Passwords: Learning from the First Twelve Years. ACM Computing Surveys 44(4) (in Press)
Chiasson, S., Biddle, R., van Oorschot, P.C.: A second look at the usability of click-based graphical passwords. In: ACM SOUPS (July 2007)
Chiasson, S., Forget, A., Biddle, R., van Oorschot, P.C.: Influencing users towards better passwords: Persuasive Cued Click-Points. In: BCS-HCI (2008)
Chiasson, S., Stobert, E., Forget, A., Biddle, R., van Oorschot, P.C.: Persuasive Cued Click-Points: Design, implementation, and evaluation of a knowledge-based authentication mechanism. IEEE Transactions on Dependable and Secure Computing, TDSC (in press, 2012)
Davis, D., Monrose, F., Reiter, M.: On user choice in graphical password schemes. In: USENIX Security Symposium (2004)
Hlywa, M., Biddle, R., Patrick, A.: Facing the facts about image type in recognition-based graphical passwords. In: ACSAC (2011)
Jermyn, I., Mayer, A., Monrose, F., Reiter, M., Rubin, A.: The design and analysis of graphical passwords. In: USENIX Security Symposium (1999)
Stobert, E.: Memorability of Assigned Random Graphical Passwords. Master’s thesis, Department of Psychology, Carleton University (August 2011)
Wiedenbeck, S., Waters, J., Birget, J., Brodskiy, A., Memon, N.: Authentication using graphical passwords: Effects of tolerance and image choice. In: SOUPS (2005)
Wright, N.: Do you see your password? Applying recognition to textual passwords. Master’s thesis, Department of Psychology, Carleton University (August 2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chiasson, S. et al. (2012). The MVP Web-Based Authentication Framework. In: Keromytis, A.D. (eds) Financial Cryptography and Data Security. FC 2012. Lecture Notes in Computer Science, vol 7397. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32946-3_2
Download citation
DOI: https://doi.org/10.1007/978-3-642-32946-3_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32945-6
Online ISBN: 978-3-642-32946-3
eBook Packages: Computer ScienceComputer Science (R0)