{"id":"https://openalex.org/W3091941128","doi":"https://doi.org/10.1145/3320269.3384737","title":"PassTag: A Graphical-Textual Hybrid Fallback Authentication System","display_name":"PassTag: A Graphical-Textual Hybrid Fallback Authentication System","publication_year":2020,"publication_date":"2020-10-05","ids":{"openalex":"https://openalex.org/W3091941128","doi":"https://doi.org/10.1145/3320269.3384737","mag":"3091941128"},"language":"en","primary_location":{"id":"doi:10.1145/3320269.3384737","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3320269.3384737","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 15th ACM Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"conference-paper","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5025095089","display_name":"Joon Kuy Han","orcid":null},"institutions":[{"id":"https://openalex.org/I4210116376","display_name":"SUNY Korea","ror":"https://ror.org/02d07gm56","country_code":"KR","type":"education","lineage":["https://openalex.org/I4210116376"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Joon Kuy Han","raw_affiliation_strings":["Stony Brook University (SUNY Korea), Incheon, South Korea"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Stony Brook University (SUNY Korea), Incheon, South Korea","institution_ids":["https://openalex.org/I4210116376"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5016901770","display_name":"Xiaojun Bi","orcid":"https://orcid.org/0000-0002-9716-7709"},"institutions":[{"id":"https://openalex.org/I59553526","display_name":"Stony Brook University","ror":"https://ror.org/05qghxh33","country_code":"US","type":"education","lineage":["https://openalex.org/I59553526"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xiaojun Bi","raw_affiliation_strings":["Stony Brook University, Stony Brook, NY, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Stony Brook University, Stony Brook, NY, USA","institution_ids":["https://openalex.org/I59553526"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5016563574","display_name":"Hyoungshick Kim","orcid":"https://orcid.org/0000-0002-1605-3866"},"institutions":[{"id":"https://openalex.org/I848706","display_name":"Sungkyunkwan University","ror":"https://ror.org/04q78tk20","country_code":"KR","type":"education","lineage":["https://openalex.org/I848706"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Hyoungshick Kim","raw_affiliation_strings":["Sungkyunkwan University, Suwon, South Korea"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Sungkyunkwan University, Suwon, South Korea","institution_ids":["https://openalex.org/I848706"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5033106393","display_name":"Simon S. Woo","orcid":"https://orcid.org/0000-0002-8983-1542"},"institutions":[{"id":"https://openalex.org/I848706","display_name":"Sungkyunkwan University","ror":"https://ror.org/04q78tk20","country_code":"KR","type":"education","lineage":["https://openalex.org/I848706"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Simon S. Woo","raw_affiliation_strings":["Sungkyunkwan University, Suwon, South Korea"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Sungkyunkwan University, Suwon, South Korea","institution_ids":["https://openalex.org/I848706"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":9,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"60","last_page":"72"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9943000078201294,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10828","display_name":"Biometric Identification and Security","score":0.9803000092506409,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8149545192718506},{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.8053382635116577},{"id":"https://openalex.org/keywords/usability","display_name":"Usability","score":0.6808873414993286},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.6237538456916809},{"id":"https://openalex.org/keywords/challenge\u2013response-authentication","display_name":"Challenge\u2013response authentication","score":0.5155651569366455},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.47500431537628174},{"id":"https://openalex.org/keywords/information-retrieval","display_name":"Information retrieval","score":0.34096187353134155},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.337677538394928},{"id":"https://openalex.org/keywords/authentication-protocol","display_name":"Authentication protocol","score":0.22753888368606567}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8149545192718506},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.8053382635116577},{"id":"https://openalex.org/C170130773","wikidata":"https://www.wikidata.org/wiki/Q216378","display_name":"Usability","level":2,"score":0.6808873414993286},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.6237538456916809},{"id":"https://openalex.org/C131129157","wikidata":"https://www.wikidata.org/wiki/Q1059963","display_name":"Challenge\u2013response authentication","level":4,"score":0.5155651569366455},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.47500431537628174},{"id":"https://openalex.org/C23123220","wikidata":"https://www.wikidata.org/wiki/Q816826","display_name":"Information retrieval","level":1,"score":0.34096187353134155},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.337677538394928},{"id":"https://openalex.org/C21564112","wikidata":"https://www.wikidata.org/wiki/Q4825885","display_name":"Authentication protocol","level":3,"score":0.22753888368606567}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3320269.3384737","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3320269.3384737","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 15th ACM Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.4000000059604645}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":39,"referenced_works":["https://openalex.org/W78137777","https://openalex.org/W173470260","https://openalex.org/W1415620964","https://openalex.org/W1503108337","https://openalex.org/W1921097329","https://openalex.org/W1987516957","https://openalex.org/W1990451873","https://openalex.org/W1990935444","https://openalex.org/W1992743830","https://openalex.org/W1999298106","https://openalex.org/W2014580322","https://openalex.org/W2016563917","https://openalex.org/W2024562548","https://openalex.org/W2032007354","https://openalex.org/W2036862790","https://openalex.org/W2060668387","https://openalex.org/W2064945825","https://openalex.org/W2076245464","https://openalex.org/W2081580037","https://openalex.org/W2091922306","https://openalex.org/W2100142573","https://openalex.org/W2105568170","https://openalex.org/W2107911557","https://openalex.org/W2110695853","https://openalex.org/W2113936660","https://openalex.org/W2117906398","https://openalex.org/W2126453598","https://openalex.org/W2131571251","https://openalex.org/W2134321850","https://openalex.org/W2169555690","https://openalex.org/W2350778671","https://openalex.org/W2394619600","https://openalex.org/W2397107144","https://openalex.org/W2528727354","https://openalex.org/W2684055372","https://openalex.org/W2888666154","https://openalex.org/W2889484065","https://openalex.org/W2964153729","https://openalex.org/W4244109911"],"related_works":["https://openalex.org/W2586637279","https://openalex.org/W2945948711","https://openalex.org/W2008980859","https://openalex.org/W3188570565","https://openalex.org/W2054202867","https://openalex.org/W2036082688","https://openalex.org/W2085013698","https://openalex.org/W2908549062","https://openalex.org/W3089565182","https://openalex.org/W4238865314"],"abstract_inverted_index":{"Designing":[0],"a":[1,12,29,58,75,79,156],"fallback":[2,30,160],"authentication":[3,31,71,90],"mechanism":[4],"that":[5,62,131],"is":[6,11,133,155],"both":[7,66],"memorable":[8,141],"and":[9,21,45,68,78,139,145],"strong":[10],"challenging":[13],"problem":[14],"because":[15],"of":[16,65,84,122],"the":[17,85,102,120],"trade-off":[18],"between":[19],"usability":[20],"security.":[22],"Security":[23],"questions":[24],"are":[25,37],"popularly":[26],"used":[27],"as":[28,88],"method":[32],"for":[33,113,159],"password":[34,60,70],"recovery.However,":[35],"they":[36],"prone":[38],"to":[39,49,96,100,115,118],"guessing":[40],"attacks":[41],"by":[42],"users'":[43],"acquaintances":[44],"may":[46],"be":[47],"hard":[48],"recall.":[50],"To":[51],"overcome":[52],"these":[53],"limitations,":[54],"we":[55],"present":[56],"PassTag,":[57],"hybrid":[59],"scheme":[61],"takes":[63],"advantage":[64],"graphical":[67],"textual":[69],"methods.":[72],"PassTag":[73,92,123,132,154],"combines":[74],"user-provided":[76,103],"image":[77],"short":[80],"personalized":[81],"text":[82],"description":[83],"image,":[86],"imagetag,":[87],"an":[89],"secret.Furthermore,":[91],"incorporates":[93],"decoy":[94],"images":[95],"make":[97],"it":[98],"difficult":[99],"guess":[101],"pictures.":[104],"We":[105],"conducted":[106],"three":[107,116,146],"user":[108],"studies":[109],"with":[110],"161":[111],"participants":[112],"up":[114],"months":[117],"evaluate":[119],"performance":[121],"against":[124,136],"security":[125],"questions.":[126],"The":[127],"evaluation":[128],"results":[129,152],"demonstrate":[130],"significantly":[134],"stronger":[135],"close":[137],"adversaries":[138],"highly":[140],"(92.6%-95.0%)":[142],"after":[143],"one,two,":[144],"months,":[147],"respectively.":[148],"Our":[149],"longitudinal":[150],"study":[151],"show":[153],"promising":[157],"alternative":[158],"authentication.":[161]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":3}],"updated_date":"2026-07-15T18:14:33.161393","created_date":"2025-10-10T00:00:00"}
