TY  - CHAP
U1  - Konferenzveröffentlichung
A1  - Gruschka, Nils
A1  - Lo Iacono, Luigi
T1  - Password Visualization beyond Password Masking
T2  - Eighth International Network Conference (INC 2010), Heidelberg, Germany, July 6-8, 2010. Proceedings
N2  - When entering a password (or other secrets) the typed input is most commonly masked, i.e. the characters are hidden behind bullets or asterisks. This, however, complicates the input and highly decreases the user's confident causing several issues such as login failure attempts. On the other hand, password masking is an important security requirement for a lot of applications and contexts to prevent a third person to read the password. Thus, simply dropping password masking is not feasible in general. A common solution provides the user with the choice of toggling password masking on and off, but due to distinct defaults (in dependency of the application and context) this is rather complex and confusing. Enhanced password visualization technologies beyond the simple masking of passwords can provide more sophisticated solutions from both a usability and security perspective. In this paper, available password visualization technologies are presented and discussed. Furthermore a novel password visualization approach is introduced, the TransparentMask, which provides unique properties in comparison to the existing schemes. Amongst these are the ability to detect mistakes while typing and being able to localize and correct the typo within a certain range. Finally, a security analysis of the TransparentMask shows that the protection level given by a certain password length is slightly decreased in comparison to the fully masked approach.
KW  - Password Visualization
KW  - Password Masking
KW  - Passwords
Y1  - 2010
UR  - https://www.cscan.org/?page=openaccess&eid=2&id=111
SN  - 978-1-84102-259-8
SB  - 978-1-84102-259-8
SP  - 179
EP  - 188
S1  - 10
PB  - CSCAN
CY  - Plymouth
ER  -