Publication statistics
Pub. period: 2007-2010
Pub. count: 10
Number of co-authors: 4
Co-authors
Number of publications with 3 favourite co-authors:
Robert Biddle: 9
Sonia Chiasson: 8
P. C. van Oorschot: 2
Productive colleagues
Alain Forget's 3 most productive colleagues in number of publications:
Robert Biddle: 48
Sonia Chiasson: 10
P. C. van Oorschot: 4
Alain Forget
Publications by Alain Forget (bibliography)
Forget, Alain, Chiasson, Sonia and Biddle, Robert (2010): Shoulder-surfing resistance with eye-gaze entry in cued-recall graphical passwords. In: Proceedings of ACM CHI 2010 Conference on Human Factors in Computing Systems 2010. pp. 1107-1110.
We present Cued Gaze-Points (CGP) as a shoulder-surfing resistant cued-recall graphical password scheme where users gaze instead of mouse-click. This approach has several advantages over similar eye-gaze systems, including a larger password space and its cued-recall nature that can help users remember multiple distinct passwords. Our 45-participant lab study is the first evaluation of gaze-based password entry via user-selected points on images. CGP's usability is potentially acceptable, warranting further refinement and study.
© All rights reserved Forget et al. and/or their publisher
Forget, Alain, Chiasson, Sonia and Biddle, Robert (2010): Input precision for gaze-based graphical passwords. In: Proceedings of ACM CHI 2010 Conference on Human Factors in Computing Systems 2010. pp. 4279-4284.
Click-based graphical passwords have been proposed as alternatives to text-based passwords, despite being potentially vulnerable to shoulder-surfing, where an attacker can learn passwords by watching or recording users as they log in. Cued Gaze-Points (CGP) is a graphical password system which defends against such attacks by using eye-gaze password input, instead of mouse-clicks. A first user study revealed that CGP's unique use of eye tracking required special techniques to improve gaze precision. In this paper, we present two enhancements that we developed and tested: a nearest-neighbour gaze-point aggregation algorithm and a 1-point calibration before each password entry. We found that these enhancements made a substantial improvement to users' gaze accuracy and system usability.
© All rights reserved Forget et al. and/or their publisher
Forget, Alain, Chiasson, Sonia and Biddle, Robert (2009): Lessons from brain age on persuasion for computer security. In: Proceedings of ACM CHI 2009 Conference on Human Factors in Computing Systems 2009. pp. 4435-4440.
Users generally have difficulty understanding and managing computer security tasks. We examined Nintendo's Brain Age games for ways to help users remember more secure passwords. Instead, we found design elements that encouraged users to continually perform cognitive tasks that would otherwise be tedious. This paper discusses these elements using existing Persuasive Technology principles, and explores how they could be leveraged to make computer security tasks easier and more engaging.
© All rights reserved Forget et al. and/or ACM Press
Forget, Alain and Biddle, Robert (2008): Memorability of persuasive passwords. In: Proceedings of ACM CHI 2008 Conference on Human Factors in Computing Systems April 5-10, 2008. pp. 3759-3764.
Text passwords are the primary authentication method used for most online services. Many online users select weak passwords. Regrettably, most proposed methods of strengthening passwords compromise memorability. This paper explores a lightweight password creation mechanism's effect on password memorability. Our system employs Persuasive Technology to assist users in creating stronger passwords. Results show that our improvement scheme affected password memorability only for users who created secure passwords before the system applied its improvement. This result warns researchers to not alienate users who are already security-aware when trying to assist security-unaware users to behave more securely.
© All rights reserved Forget and Biddle and/or ACM Press
Forget, Alain, Chiasson, Sonia, Oorschot, P. C. van and Biddle, Robert (2008): Improving text passwords through persuasion. In: Proceedings of the 2008 Symposium on Usable Privacy and Security 2008. pp. 1-12.
Password restriction policies and advice on creating secure passwords have limited effects on password strength. Influencing users to create more secure passwords remains an open problem. We have developed Persuasive Text Passwords (PTP), a text password creation system which leverages Persuasive Technology principles to influence users in creating more secure passwords without sacrificing usability. After users choose a password during creation, PTP improves its security by placing randomly-chosen characters at random positions into the password. Users may shuffle to be presented with randomly-chosen and positioned characters until they find a combination they feel is memorable. In this paper, we present an 83-participant user study testing four PTP variations. Our results show that the PTP variations significantly improved the security of users' passwords. We also found that those participants who had a high number of random characters placed into their passwords would deliberately choose weaker pre-improvement passwords to compensate for the memory load. As a consequence of this compensatory behaviour, there was a limit to the gain in password security achieved by PTP.
© All rights reserved Forget et al. and/or ACM Press
Forget, Alain, Chiasson, Sonia, Oorschot, Paul C. van and Biddle, Robert (2008): Persuasion for Stronger Passwords: Motivation and Pilot Study. In: Oinas-Kukkonen, Harri, Hasle, Per F. V., Harjumaa, Marja, Segerståhl, Katarina and Øhrstrøm, Peter (eds.) PERSUASIVE 2008 - Persuasive Technology, Third International Conference June 4-6, 2008, Oulu, Finland. pp. 140-150.
Forget, Alain, Chiasson, Sonia and Biddle, Robert (2008): Lessons from Brain Age on password memorability. In: Proceedings of the 2008 Conference on Future Play 2008. pp. 262-263.
User authentication involves establishing a user's right to access a system. Most user authentication is done with text passwords, which have advantages over other approaches, but more secure passwords are often difficult to remember. Nintendo's Brain Age games involve cognitive training which can improve memory. We examined Brain Age in search of insights towards helping users create and remember more secure passwords. Although Brain Age offers no techniques for memorising specific information, we discovered ideas for a new type of serious game that may help with password memorisation: Password Rehearsal Games.
© All rights reserved Forget et al. and/or ACM Press
Chiasson, Sonia, Forget, Alain, Biddle, Robert and Oorschot, P. C. van (2008): Influencing Users Towards Better Passwords: Persuasive Cued Click-Points. In: Proceedings of the HCI08 Conference on People and Computers XXII 2008. pp. 121-130.
Usable security has unique usability challenges because the need for security often means that standard human-computer interaction approaches cannot be directly applied. An important usability goal for authentication systems is to support users in selecting better passwords, thus increasing security by expanding the effective password space. In click-based graphical passwords, poorly chosen passwords lead to the emergence of hotspots -- portions of the image where users are more likely to select click-points, allowing attackers to mount more successful dictionary attacks. We use persuasion to influence user choice in click-based graphical passwords, encouraging users to select more random, and hence more secure, click-points. Our approach is to introduce persuasion to the Cued Click-Points graphical password scheme (Chiasson, van Oorschot, Biddle, 2007). Our resulting scheme significantly reduces hotspots while still maintaining its usability.
© All rights reserved Chiasson et al. and/or their publisher
Forget, Alain (2008): Helping Users Create and Remember More Secure Text Passwords. In: Proceedings of the HCI08 Conference on People and Computers XXII 2008. pp. 247-248.
This doctoral research aims to persuade users to choose and remember more secure text passwords. The first component involved user studies demonstrating that users can be persuaded to create more secure text passwords. Unfortunately, the stronger passwords were not as memorable as we had hoped. For the second component, we will attempt to improve password memorability by providing implicit feedback and cueing to users as they login. The third component involves developing password rehearsal games that persuade users to employ established memory aids to assist them in remembering more secure passwords.
© All rights reserved Forget and/or his/her publisher
Forget, Alain, Chiasson, Sonia and Biddle, Robert (2007): Helping users create better passwords: is this the right approach? In: Proceedings of the 2007 Symposium on Usable Privacy and Security 2007. pp. 151-152.
Users tend to form their own mental models of good passwords regardless of any instructions provided. They also tend to favour memorability over security. In our study comparing two mnemonic phrase-based password schemes, we found a surprising number of participants misused both schemes. Intentional or not, they misused the system such that their task of password creation and memorization became easier. Thus, we believe that instead of better instructions or password schemes, a new approach is required to convince users to create more secure passwords. One possibility may lie in employing Persuasive Technology.
© All rights reserved Forget et al. and/or ACM Press
Changes to this page (author)
02 Nov 2010: Added
02 Nov 2010: Added
19 Feb 2010: Modified
12 Jul 2009: Added
12 Jul 2009: Added
26 Jun 2009: Added
17 Jun 2009: Added
09 May 2009: Added
08 Apr 2009: Added
12 May 2008: Added
12 May 2008: Added
Page Information
Page maintainer:
The Editorial Team
URL: http://www.interaction-design.org/references/authors/alain_forget.html