{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T18:18:51Z","timestamp":1776104331877,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":54,"publisher":"ACM","license":[{"start":{"date-parts":[[2016,5,7]],"date-time":"2016-05-07T00:00:00Z","timestamp":1462579200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Microsoft"},{"name":"NSF","award":["CNS-1116776"],"award-info":[{"award-number":["CNS-1116776"]}]},{"name":"NSF","award":["DGE-0903659"],"award-info":[{"award-number":["DGE-0903659"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2016,5,7]]},"DOI":"10.1145\/2858036.2858384","type":"proceedings-article","created":{"date-parts":[[2016,5,5]],"date-time":"2016-05-05T10:08:22Z","timestamp":1462442902000},"page":"527-539","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":55,"title":["Usability and Security of Text Passwords on Mobile Devices"],"prefix":"10.1145","author":[{"given":"William","family":"Melicher","sequence":"first","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Darya","family":"Kurilova","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sean M.","family":"Segreti","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Pranshu","family":"Kalvani","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Richard","family":"Shay","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Blase","family":"Ur","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lujo","family":"Bauer","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nicolas","family":"Christin","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lorrie Faith","family":"Cranor","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michelle L.","family":"Mazurek","sequence":"additional","affiliation":[{"name":"University of Maryland, College Park, MD, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2016,5,7]]},"reference":[{"key":"e_1_3_2_2_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/TAC.1974.1100705"},{"key":"e_1_3_2_2_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/2037373.2037440"},{"key":"e_1_3_2_2_3_1","volume-title":"Ashley Madison: What's in the leaked accounts data dump? (August","author":"BBC.","year":"2015","unstructured":"BBC. 2015. Ashley Madison: What's in the leaked accounts data dump? (August 2015). http:\/\/www.bbc.com\/news\/technology-33986228"},{"key":"e_1_3_2_2_4_1","doi-asserted-by":"publisher","DOI":"10.14722\/usec.2015.23003"},{"key":"e_1_3_2_2_5_1","unstructured":"Joseph Bonneau. 2010. The Gawker hack: how a million passwords were lost. (2010). http: \/\/www.lightbluetouchpaper.org\/2010\/12\/15\/thegawker-hack-how-a-million-passwords-were-lost\/."},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-35694-0_10"},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.49"},{"key":"e_1_3_2_2_8_1","doi-asserted-by":"publisher","DOI":"10.1177\/1745691610393980"},{"key":"e_1_3_2_2_9_1","unstructured":"William E. Burr Donna F. Dodson and W. Timothy Polk. 2006. Electronic Authentication Guideline. Technical Report. NIST. http:\/\/csrc.nist.gov\/publications\/nistpubs\/80063\/SP800--63V1_0_2.pdf"},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.5555\/1267336.1267337"},{"key":"e_1_3_2_2_11_1","volume-title":"Modern Password Cracking: A hands-on approach to creating an optimised and versatile attack. Master's thesis. Royal Holloway","author":"Chrysanthou Yiannis","year":"2013","unstructured":"Yiannis Chrysanthou. 2013. Modern Password Cracking: A hands-on approach to creating an optimised and versatile attack. Master's thesis. Royal Holloway, University of London. https:\/\/www.ma. rhul.ac.uk\/static\/techrep\/2013\/MA-2013-07.pdf"},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"publisher","DOI":"10.1111\/j.2517-6161.1972.tb00899.x"},{"key":"e_1_3_2_2_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/2556288.2557097"},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOM.2010.5461951"},{"key":"e_1_3_2_2_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1753326.1753688"},{"key":"e_1_3_2_2_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1837110.1837114"},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2501604.2501617"},{"key":"e_1_3_2_2_18_1","volume-title":"Proc. Web 2.0 Security & Privacy. http:\/\/www.w2spconf.com\/2011\/papers\/feltmobilephishing.pdf","author":"Felt Adrienne Porter","year":"2011","unstructured":"Adrienne Porter Felt and David Wagner. 2011. Phishing on Mobile Devices. In Proc. Web 2.0 Security & Privacy. http:\/\/www.w2spconf.com\/2011\/papers\/feltmobilephishing.pdf"},{"key":"e_1_3_2_2_19_1","doi-asserted-by":"publisher","DOI":"10.5555\/1361419.1361429"},{"key":"e_1_3_2_2_20_1","volume-title":"Mozilla: data stolen from hacked bug database was used to attack Firefox. (Sep","author":"Geuss Megan","year":"2015","unstructured":"Megan Geuss. 2015. Mozilla: data stolen from hacked bug database was used to attack Firefox. (Sep 2015). http:\/\/arstechnica.com\/security\/2015\/09\/ mozilla-data-stolen-from-hacked-bug-databasewas-used-to-attack-firefox\/"},{"key":"e_1_3_2_2_21_1","volume-title":"8 million leaked passwords connected to LinkedIn, dating website. (Jun","author":"Goodin Dan","year":"2012","unstructured":"Dan Goodin. 2012a. 8 million leaked passwords connected to LinkedIn, dating website. (Jun 2012). http:\/\/arstechnica.com\/security\/2012\/06\/8million-leaked-passwords-connected-tolinkedin\/"},{"key":"e_1_3_2_2_22_1","volume-title":"Why passwords have never been weaker-and crackers have never been stronger. Ars Technica. (August","author":"Goodin Dan","year":"2012","unstructured":"Dan Goodin. 2012b. Why passwords have never been weaker-and crackers have never been stronger. Ars Technica. (August 2012). http:\/\/arstechnica.com\/ security\/2012\/08\/passwords-under-assault\/."},{"key":"e_1_3_2_2_23_1","volume-title":"Once seen as bulletproof, 11 million+ Ashley Madison passwords already cracked. (Sep","author":"Goodin Dan","year":"2015","unstructured":"Dan Goodin. 2015. Once seen as bulletproof, 11 million+ Ashley Madison passwords already cracked. (Sep 2015). http:\/\/arstechnica.com\/security\/2015\/09\/onceseen-as-bulletproof-11-million-ashley-madisonpasswords-already-cracked\/"},{"key":"e_1_3_2_2_24_1","volume-title":"Tap On","author":"Greene Kristen K.","year":"2015","unstructured":"Kristen K. Greene, Joshua Franklin, and John Kelsey. 2015. Tap On, Tap Off: Onscreen Keyboards and Mobile Password Entry. http:\/\/www.shmoocon.org\/speakers#tappedout. (2015). ShmooCon."},{"key":"e_1_3_2_2_25_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3--319-07620--1_15"},{"key":"e_1_3_2_2_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2516760.2516767"},{"key":"e_1_3_2_2_27_1","volume-title":"Proc. Symposium On Usable Privacy and Security. https:\/\/www.usenix.org\/conference\/soups2014\/ proceedings\/presentation\/harbach","author":"Harbach Marian","year":"2014","unstructured":"Marian Harbach, Emanuel von Zezschwitz, Andreas Fichtner, Alexander De Luca, and Matthew Smith. 2014. It's a Hard Lock Life: A Field Study of Smartphone (Un)Locking Behavior and Risk Perception. In Proc. Symposium On Usable Privacy and Security. https:\/\/www.usenix.org\/conference\/soups2014\/ proceedings\/presentation\/harbach"},{"key":"e_1_3_2_2_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1753326.1753384"},{"key":"e_1_3_2_2_29_1","volume-title":"Proc. Mobile Security Technologies. http:\/\/www.markus-jakobsson.com\/fastwords.pdf","author":"Jakobsson Markus","year":"2012","unstructured":"Markus Jakobsson and Ruj Akavipat. 2012. Rethinking Passwords to Adapt to Constrained Keyboards. In Proc. Mobile Security Technologies. http:\/\/www.markus-jakobsson.com\/fastwords.pdf"},{"key":"e_1_3_2_2_30_1","doi-asserted-by":"publisher","DOI":"10.5555\/2041036.2041056"},{"key":"e_1_3_2_2_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.38"},{"key":"e_1_3_2_2_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1357054.1357127"},{"key":"e_1_3_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.5555\/2671225.2671263"},{"key":"e_1_3_2_2_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1978942.1979321"},{"key":"e_1_3_2_2_35_1","unstructured":"KoreLogic. 2010-. \"Crack Me If You Can\" - DEFCON 2014. http:\/\/contest-2013.korelogic.com. (2010-)."},{"key":"e_1_3_2_2_36_1","volume-title":"We Still Don't Have Assurance From Apple That iCloud Is Safe. (September","author":"Kovach Steve","year":"2014","unstructured":"Steve Kovach. 2014. We Still Don't Have Assurance From Apple That iCloud Is Safe. (September 2014). http:\/\/www.businessinsider.com\/apple-statementon-icloud-hack-2014--9"},{"key":"e_1_3_2_2_37_1","unstructured":"Tara Matthews Jeffrey Pierce and John Tang. 2009. No Smart Phone is an Island: The Impact of Places Situations and Other Devices on Smart Phone Use. In IBM Research Report. http: \/\/domino.research.ibm.com\/library\/cyberdig.nsf\/ papers\/F5FD878B5B062ACA85257635004EC3F5\/ %24File\/rj10452.pdf"},{"key":"e_1_3_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/IRI.2013.6642543"},{"key":"e_1_3_2_2_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516726"},{"key":"e_1_3_2_2_40_1","unstructured":"PHDays. 2013. \"Hash Runner\"? Positive Hack Days. http:\/\/2013.phdays.com\/program\/contests\/. (2013)."},{"key":"e_1_3_2_2_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/2435349.2435395"},{"key":"e_1_3_2_2_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2406367.2406384"},{"key":"e_1_3_2_2_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/2428955.2429004"},{"key":"e_1_3_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2556288.2557377"},{"key":"e_1_3_2_2_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/1837110.1837113"},{"key":"e_1_3_2_2_46_1","unstructured":"Jens Steube. 2009-. Hashcat Advanced Password Recovery. https:\/\/hashcat.net\/oclhashcat\/. (2009-)."},{"key":"e_1_3_2_2_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/1978942.1979277"},{"key":"e_1_3_2_2_48_1","doi-asserted-by":"publisher","DOI":"10.5555\/2362793.2362798"},{"key":"e_1_3_2_2_49_1","doi-asserted-by":"publisher","DOI":"10.5555\/2831143.2831173"},{"key":"e_1_3_2_2_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/2639189.2639218"},{"key":"e_1_3_2_2_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/2493190.2493231"},{"key":"e_1_3_2_2_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866327"},{"key":"e_1_3_2_2_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.8"},{"key":"e_1_3_2_2_54_1","volume-title":"Text Entry Method Affects Password Security. Computing Research Repository","author":"Yang Yulong","year":"2014","unstructured":"Yulong Yang, Janne Lindqvist, and Antti Oulasvirta. 2014. Text Entry Method Affects Password Security. Computing Research Repository (2014). http:\/\/arxiv.org\/abs\/1403.1910"}],"event":{"name":"CHI'16: CHI Conference on Human Factors in Computing Systems","location":"San Jose California USA","acronym":"CHI'16","sponsor":["SIGCHI ACM Special Interest Group on Computer-Human Interaction"]},"container-title":["Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2858036.2858384","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2858036.2858384","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2858036.2858384","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:49:30Z","timestamp":1763459370000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2858036.2858384"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,5,7]]},"references-count":54,"alternative-id":["10.1145\/2858036.2858384","10.1145\/2858036"],"URL":"https:\/\/doi.org\/10.1145\/2858036.2858384","relation":{},"subject":[],"published":{"date-parts":[[2016,5,7]]},"assertion":[{"value":"2016-05-07","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}