Saudi Cultural Missions Theses & Dissertations

Permanent URI for this communityhttps://drepo.sdl.edu.sa/handle/20.500.14154/10

Browse

Filters

2023 - 20242

Settings

Has files: YesSubject: search.filters.subject.password

Search Results

Now showing 1 - 2 of 2
  • Thumbnail Image
    ItemRestricted
    Usability and security of recognition-based textual password
    (Iowa State University, 2024-07-16) Wasfi, Hassan; Stone, Richard
    Knowledge-based passwords are still the most dominant authentication technique for authentications purposes, in spite of the emergence of alternative systems such as token-based and biometric systems. This approach has remained the most popular one mostly because of its user familiarity, compatibility, usability, affordability. Nevertheless, the main challenge of knowledge-based password schemes based on creating passwords that deliver a balance between usability and security. This dissertation will be focused on the recent researches related to textual and graphical password to have an overview of their usability and security features and drawbacks. The literature review of this dissertation studied the main challenges of textual password schemes (text-based, passphrase, mnemonic, pronounceable, persuasive-text passwords). These schemes have several issues such as memorization, password complexity, password resets, input errors, password reuse and strength against guessing attack. On the other hand, graphical password schemes (recognition, recall, and hybrid passwords) improve the memorability compared to textual password because user experience with interacting with images result in better memorability rate. Graphical passwords have their own issues which are require a huge storage space(costly), complex setup and enrollment, long time to log in, limited password space, and vulnerability to shoulder surfing attack. After a deep investigation done in the literature review, this dissertation will have a thoughtful examination related the major features and drawbacks of recognition-based textual passwords because it provides the usability and security benefits of graphical passwords with the familiarity of textual passwords. Also, this dissertation studied the recognition textual password and its types to have a clear vision to build a usable and secure authentication system. This approach is categorized into two main aspects user and system generated method. Previous researches deeply studied the system-generated recognition textual password for both nouns and passphrase in term of avoiding weak users’ choices of password creation however, researchers found that users had difficulty in memorization in long term memory. On the other hand, user chosen recognition textual password provides high memorability rate compared to system generated but it’s not secure enough because users tend to select predictable words. This dissertation will be focused on user chosen recognition textual password. Third chapter showed a study compares the usability of recognition and recall textual password for nouns and passphrase to distinguish the user’s behaviors of password creation, system design, wordlist, memorability rate, and login time. The study discovered that recognition textual password of passphrase has higher memorability rate compared to recognition nouns, recall nouns and recall passphrase because some users select their password in unmeaningful structure. Also, the login time for recognition passphrase is less than others conditions. The wordlist and system design play an important role storing and retrieving performance. Overall, this result will help to establish a new method that avoiding these issues. Previous studies have not built a recognition textual password method with a high entropy space, and mitigating common attacks. Moreover, enhancing the system design by considering word types, word presentation, and phycological stimulus. These factors can influence the users’ performance in the storing and retrieving processes. Therefore, a novel authentication method called Word Pattern Recognition Textual Password (WPRTP) was proposed, which is based on drawing a pattern on a grid with a specific security requirement to balance between usability and security. This work aims to compare WPRTP with a recall textual password to explore its potential for enhancing user experience, usability, and security. The WPRTP results indicating that it is significantly more memorable in long-term memory (over a three-week period), and required less time to register compared to a recall passphrase. Thus, WPRTP is a potential alternative to traditional textual password.
    34 0
  • Thumbnail Image
    ItemRestricted
    Investigating User Behaviours Toward Password Management
    (Saudi Digital Library, 2023-11-21) Alotaibi, Ibtihal; Shahandashti, Siamak
    Due to the sensitivity and importance of passwords used at work, we aim to examine how users behave toward managing their workplace passwords. We conducted a survey on two samples of users: random participants recruited from Prolific and employees of the University of York. The research objectives include investigating different workplace password behaviours, such as reusing, recalling, and expiration. In addition, users' perceptions of some password management practices such as the importance of changing them periodically. Our findings suggest that password strength might not be impacted by enforced expiration policies, either positively or negatively. We also found that nearly half of respondents believed that complying with the password requirement was the most significant consideration when creating their passwords. Moreover, our results indicated that the cyber security training provided by their work was beneficial to them.
    14 0

Copyright owned by the Saudi Digital Library (SDL) © 2025