Working paper

Introducing Survey++ : an extensible platform for testing the usability and security of credential recovery mechanisms

Abstract:: Mainstream authentication procedures have usually relied on knowledge factors for determining whether to allow a user access to resources. Typically, a user is challenged to provide a token that they know to prove that they are authorised. In the case that this token (password, passphrase, personal identification number, etc.) is forgotten, the usual approach has been to provide password hints or password reset questions during credential recovery to help ensure a user is who they claim to be before allowing them to reset the token. Survey++ is a platform designed to test the usability and security of credential recovery mechanisms. Survey++ was built to test a credential recovery mechanism that reminds a user of their password by showing them characters from the password, but it can be easily extended to test other recovery mechanisms or authentication procedures.

Publication status:: Not published

Peer review status:: Not peer reviewed

Actions

Email

Email this record

Send the bibliographic details of this record to your email address.

Your Email
Please enter the email address that the record information will be sent to.

-
Your message (optional)
Please add any additional information to be included within the email.
Cite

Cite this record

APA Style

Taylor, V., & Flechais, I. (2014). Introducing Survey++ : an extensible platform for testing the usability and security of credential recovery mechanisms (Publisher's version). Centre for Doctoral Training in Cyber Security.

MLA Style

Taylor, V., and I. Flechais. Introducing Survey++ : an Extensible Platform for Testing the Usability and Security of Credential Recovery Mechanisms. Publisher's version, Centre for Doctoral Training in Cyber Security, 2014.

Chicago Style

Taylor, V, and I Flechais. 2014. “Introducing Survey++ : an Extensible Platform for Testing the Usability and Security of Credential Recovery Mechanisms.” Centre for Doctoral Training in Cyber Security.
Share
Print

Access Document

Files:: 04-14.pdf

(Preview, Version of record, pdf, 1.2MB, Terms of use)

Authors

+ Taylor, V More by this author

Institution:: University of Oxford
Division:: MPLS
Department:: Computer Science
Role:: Author

+ Flechais, I More by this author

Institution:: University of Oxford
Division:: MPLS
Department:: Computer Science
Role:: Author

Publisher:: Centre for Doctoral Training in Cyber Security
Publication date:: 2014-01-01
Edition:: Publisher's version

Language:: English
Keywords:: testing platform

password security

password recovery

usability testing
Subjects:: Computing

Computer security

Cyber Security
UUID:: uuid:64d33f34-2966-48ac-a1ce-303c33e48a54
Local pid:: ora:9975
Deposit date:: 2015-02-09

Terms of use

Copyright holder:: Taylor, V
Copyright date:: 2014
Notes:: Copyright 2014 Vincent Taylor and Ivan Flechais.

Licence:: Terms and Conditions of Use for Oxford University Research Archive

Views and Downloads

About views and downloads

If you are the owner of this record, you can report an update to it here: Report update to this record

TO TOP