
Human-Centered Cybersecurity

Authentication

Authentication mechanisms such as passwords and multi-factor authentication methods (e.g., smart cards and tokens) provide examples of the challenges involved in creating usable cybersecurity solutions.

Our research explores the usage and usability of authentication mechanisms. We focus on how these mechanisms can be improved to aid in their correct, secure employment by different user populations while avoiding user frustration and circumvention. Also see our Youth Security & Privacy research area for publications related to youth passwords.

 

Publications


Papers

Digital Identity Guidelines: Enrollment and Identity Proofing Requirements – Paul Grassi, James Fenton, Naomi Lefkovitz, Jamie Danker, Yee-Yin Choong, Kristen Greene, & Mary Theofanos. SP 800-63A (2017)

Digital Identity Guidelines: Authentication and Lifecycle Management – Paul Grassi, Elaine Newton, Ray Perlner, Andrew Regenscheid, James Fenton, William Burr, Justin Richer, Naomi Lefkovitz, Jamie Danker, Yee-Yin Choong, Kristen Greene, & Mary Theofanos. SP 800-63B (2017)

Digital Identity Guidelines: Federation and Assertions – Paul Grassi, Ellen Nadeau, Justin Richer, Sarah Squire, James Fenton, Naomi Lefkovitz, Jamie Danker, Yee-Yin Choong, Kristen Greene, & Mary Theofanos. SP 800-63C (2017)

Papers

Memory and Motor Processes of Password Entry Error - Frank Tamborello & Kristen Greene. Proceedings of the Human Factors and Ergonomics Society Annual Meeting (2016)

Password Entry Errors: Memory or Motor? - Kristen Greene & Frank Tamborello. Proceedings of the 13th International Conference on Cognitive Modeling (2015)

ACT-R Modeling of Password Entry Errors [poster] - Kristen Greene & Franklin Tamborello. Proceedings of the 24th Conference on Behavior Representation in Modeling and Simulation (2015)

Electrodermal Activity and Eye Movements Inform the Usability of Passwords [poster] - Jennifer R. Bergstrom, Kristen Greene, David C. Hawkins, & Christian Gonzalez. Proceedings of the 44th Annual Meeting of the Society for Neuroscience (2014)

Papers

Usability and Security Considerations for Public Safety Mobile Authentication - Yee-Yin Choong, Joshua M. Franklin, & Kristen Greene. NISTIR 8080 (2016)

Measuring the Usability and Security of Permuted Passwords on Mobile Platforms - Kristen Greene, John M. Kelsey, & Joshua M. Franklin. NISTIR 8040 (2016)

Tap On, Tap Off: Onscreen Keyboards and Mobile Password Entry [paper and recorded presentation] - Kristen Greene, Joshua M. Franklin, & John M. Kelsey. Proceedings of ShmooCon (2015)

I Can't Type That! P@$$w0rd Entry on Mobile Devices - Kristen Greene, Melissa A. Gallagher, Brian C. Stanton, & Paul Y. Lee. Proceedings of HCI International (2014)

Papers

Usability of PIV Smartcards for Logical Access - Mary F. Theofanos, Emile L. Morse, Hannah Wald, Yee-Yin Choong, Celeste Paul, & Aiping L. Zhang. NISTIR 7867 (2012)

A Field Study of User Behavior and Perception in Smartcard Authentication - Emile L. Morse, Celeste L. Paul, Aiping L. Zhang, Yee-Yin Choong, & Mary F. Theofanos. Proceedings of the 13th IFIP TC13 Conference on Human-Computer Interaction (INTERACT) (2011)

Presentations

PIV Pilot Usability Lessons Learned – Mary Theofanos (Nov 8, 2010)

Papers

Must I, can I? I don’t understand your ambiguous password rules – Kristen K. Greene & Yee-Yin Choong. Information and Computer Security (2017)

Secure and Usable Enterprise Authentication: Lessons from the Field – Mary F. Theofanos, Simson L. Garfinkel, & Yee-Yin Choong. IEEE Security & Privacy (2016)

What's a Special Character Anyway? Effects of Ambiguous Terminology in Password Rules - Yee-Yin Choong & Kristen Greene. Proceedings of the Human Factors and Ergonomics Society Annual Meeting (2016)

What 4,500+ people can tell you – Employees' Attitudes toward Organizational Password Policy Do Matter - Yee-Yin Choong & Mary F. Theofanos. Proceedings of the 3rd International Conference on Human Aspects of Information Security, Privacy, and Trust (2015)

Effects of Password Permutation on Subjective Usability Across Platforms - Kristen Greene. Proceedings of HCI International (2015)

Human Generated Passwords - The Impacts of Password Requirements and Presentation Styles – Paul Y. Lee & Yee-Yin Choong. Proceedings of HCI International (2015)

The Authentication Equation: A Tool to Visualize the Convergence of Security and Usability of Text-Based Passwords – Cathryn A. Ploehn & Kristen Greene. Proceedings of HCI International (2015)

Report: Authentication Diary Study – Michelle P. Steves & Mary F. Theofanos. NISTIR 7983 (2014)

Development of a Scale to Assess the Linguistic and Phonological Difficulty of Passwords - Jennifer R. Bergstrom, Stefan A. Frisch, David C. Hawkins, Joy Hackenbracht, Kristen Greene, Mary F. Theofanos, & Brian Griepentrog. Proceedings of the 6th International Conference on Cross-Cultural Design (2014)

United States Federal Employees' Password Management Behaviors – A Department of Commerce Case Study - Yee-Yin Choong, Mary F. Theofanos, & Hung-Kung Liu. NISTIR 7991 (2014)

Character Strings, Memory and Passwords: What a Recall Study Can Tell Us – Brian C. Stanton & Kristen K. Greene. Proceedings of the International Conference on Human Aspects of Information Security, Privacy, and Trust (HAS) (2014)

A Cognitive-Behavioral Framework of User Password Management Lifecycle – Yee-Yin Choong. Proceedings of HCI International (2014)

 

Presentations

Password Usability - Yee-Yin Choong (Oct 23, 2015)

Employee Password Usability Study - Yee-Yin Choong (Sep 10, 2015)

Papers

Password Policy Languages: Usable Translation from the Informal to the Formal – Michelle Steves, Mary Theofanos, Celia Paulsen, & Athos Ribeiro. Proceedings of the International Conference on Human Aspects of Information Security, Privacy, and Trust (2015)

Clear, Unambiguous Password Policies: An Oxymoron? – Michelle Steves, Kevin Killourhy, & Mary F. Theofanos. Proceedings of the 6th International Conference on Cross-Cultural Design (2014)

Taxonomic Rules for Password Policies: Translating the Informal to the Formal Language – Kevin Killourhy, Yee-Yin Choong, & Mary Theofanos. NISTIR 7970 (2013)

Presentations

Usability Research in Support Of Cyber-Security: A Password Policy Taxonomy – Kevin Killourhy (May 7, 2008)

 

Created November 17, 2016, Updated April 12, 2024