On password behaviours and attitudes in different populations

Fahl, 2013, On the ecological validity of a password study Forget, 2008, Improving text passwords through persuasion, 1 Thorpe, 2013, Usability and security evaluation of geopass: ageographic location-password scheme Dirik, 2007, Modeling user choice in the passpoints graphical password scheme, 20 Zakaria, 2011, Shoulder surfing defence for recall-based graphical passwords Hoerger, 2010, Participant dropout as a function of survey length in internet-mediated university studies: implications for study design and voluntary participation in psychological research, Cyberpsychol, Behav, Social Network, 13, 697, 10.1089/cyber.2009.0445 Kelley, 2012, Guess again (and again and again): Measuring password strength by simulating password-cracking algorithms, 523 Weir, 2010, Testing metrics for password creation policies by attacking large sets of revealed passwords, 162 Das, 2014, The tangled web of password reuse, 14, 23 Florêncio, 2007, A large-scale study of web password habits, 657 Zviran, 1999, Password security: an empirical study, J Manag Inf Syst, 15, 161, 10.1080/07421222.1999.11518226 Zhang, 2009, Improving multiple-password recall: an empirical study, Eur J Inf Syst, 18, 165, 10.1057/ejis.2009.9 Komanduri, 2011, Of passwords and people: measuring the effect of password-composition policies, 2595 Haque, 2013, A study of user password strategy for multiple accounts, 173 Bonneau, 2012, The quest to replace passwords: a framework for comparative evaluation of web authentication schemes, 553 Florêncio, 2014, An administrator’s guide to internet password research, 14, 35 Buhrmester, 2011, Amazon’s mechanical turk a new source of inexpensive, yet high-quality, data?, Perspect Psychol Sci, 6, 3, 10.1177/1745691610393980 Biddle, 2012, Graphical passwords: learning from the first twelve years, ACM Comput Surv, 44, 10.1145/2333112.2333114 Mazurek, 2013, Measuring password guessability for an entire university, 173 Stobert, 2015, Expert password management, 3 Loutfi, 2015, Passwords are not always stronger on the other side of the fence Ion, 2015, “... no one can hack my mind”: comparing expert and non-expert security practices, 327 Zhang, 2010, The security of modern password expiration: an algorithmic framework and empirical analysis, 176 Schechter S. Common pitfalls in writing about security and privacy human subjects experiments, and how to avoid them. http://research.microsoft.com/apps/pubs/default.aspx?id=179980, [Last Accessed: June, 2018]. Atkinson, 1968, Human memory: a proposed system and its control processes, Psychol Learn Motivat, 2, 89, 10.1016/S0079-7421(08)60422-3 Magnumripper. Community enhanced version (bleeding jumbo) of john the ripper 1.8. https://github.com/magnumripper/JohnTheRipper/tree/c63b0187eab690ba92093a7d6182752527ecd26a, [Last Accessed: June, 2018]. Dazzlepod. Dazzlepod disclosure project. http://dazzlepod.com/disclosure/, [Last Accessed: June, 2016]. Weir, 2009, Password cracking using probabilistic context-free grammars, 391 Weir M. Reusable security. https://sites.google.com/site/reusablesec/, [Last Accessed: June, 2018]. Veras, 2014, On the semantic patterns of passwords and their security impact Veras R. Parsing and semantic classification of passwords. 2017. https://github.com/vialab/semantic-guesser [Last Accessed: January, 2018].