{"id":"https://openalex.org/W4415276260","doi":"https://doi.org/10.1145/3719027.3765081","title":"How Blind and Low-Vision Users Manage Their Passwords","display_name":"How Blind and Low-Vision Users Manage Their Passwords","publication_year":2025,"publication_date":"2025-11-19","ids":{"openalex":"https://openalex.org/W4415276260","doi":"https://doi.org/10.1145/3719027.3765081"},"language":null,"primary_location":{"id":"doi:10.1145/3719027.3765081","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3765081","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3765081","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3765081","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5004566185","display_name":"Alexander Ponticello","orcid":"https://orcid.org/0000-0001-6119-9701"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Alexander Ponticello","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany"],"raw_orcid":"https://orcid.org/0000-0001-6119-9701","affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany","institution_ids":["https://openalex.org/I4210128801"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5089811277","display_name":"Filipo Sharevski","orcid":"https://orcid.org/0000-0003-3058-7255"},"institutions":[{"id":"https://openalex.org/I118353179","display_name":"DePaul University","ror":"https://ror.org/04xtx5t16","country_code":"US","type":"education","lineage":["https://openalex.org/I118353179"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Filipo Sharevski","raw_affiliation_strings":["DePaul University, Chicago, Illinois, USA"],"raw_orcid":"https://orcid.org/0000-0003-3058-7255","affiliations":[{"raw_affiliation_string":"DePaul University, Chicago, Illinois, USA","institution_ids":["https://openalex.org/I118353179"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5002275654","display_name":"Simon Anell","orcid":"https://orcid.org/0009-0008-6358-832X"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Simon Anell","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany"],"raw_orcid":"https://orcid.org/0009-0008-6358-832X","affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany","institution_ids":["https://openalex.org/I4210128801"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5072958313","display_name":"Katharina Krombholz","orcid":"https://orcid.org/0000-0003-2425-3013"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Katharina Krombholz","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany"],"raw_orcid":"https://orcid.org/0000-0003-2425-3013","affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany","institution_ids":["https://openalex.org/I4210128801"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5004566185"],"corresponding_institution_ids":["https://openalex.org/I4210128801"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.41660512,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"3192","last_page":"3205"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9358999729156494,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9358999729156494,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.9555000066757202},{"id":"https://openalex.org/keywords/password-policy","display_name":"Password policy","score":0.6520000100135803},{"id":"https://openalex.org/keywords/cognitive-password","display_name":"Cognitive password","score":0.6326000094413757},{"id":"https://openalex.org/keywords/usability","display_name":"Usability","score":0.5996999740600586},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.4519999921321869},{"id":"https://openalex.org/keywords/password-strength","display_name":"Password strength","score":0.44290000200271606},{"id":"https://openalex.org/keywords/s/key","display_name":"S/KEY","score":0.37689998745918274}],"concepts":[{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.9555000066757202},{"id":"https://openalex.org/C98705547","wikidata":"https://www.wikidata.org/wiki/Q3394687","display_name":"Password policy","level":4,"score":0.6520000100135803},{"id":"https://openalex.org/C23875713","wikidata":"https://www.wikidata.org/wiki/Q5141232","display_name":"Cognitive password","level":5,"score":0.6326000094413757},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6284000277519226},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6115999817848206},{"id":"https://openalex.org/C170130773","wikidata":"https://www.wikidata.org/wiki/Q216378","display_name":"Usability","level":2,"score":0.5996999740600586},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.5439000129699707},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.4519999921321869},{"id":"https://openalex.org/C70530487","wikidata":"https://www.wikidata.org/wiki/Q1990841","display_name":"Password strength","level":4,"score":0.44290000200271606},{"id":"https://openalex.org/C4957475","wikidata":"https://www.wikidata.org/wiki/Q242186","display_name":"S/KEY","level":3,"score":0.37689998745918274},{"id":"https://openalex.org/C89479133","wikidata":"https://www.wikidata.org/wiki/Q1137840","display_name":"One-time password","level":3,"score":0.3621000051498413},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.3472999930381775},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.3003999888896942},{"id":"https://openalex.org/C86844869","wikidata":"https://www.wikidata.org/wiki/Q2798820","display_name":"Hacker","level":2,"score":0.29260000586509705},{"id":"https://openalex.org/C206588197","wikidata":"https://www.wikidata.org/wiki/Q846574","display_name":"Reuse","level":2,"score":0.2809999883174896},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.27059999108314514},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2513999938964844},{"id":"https://openalex.org/C2983583741","wikidata":"https://www.wikidata.org/wiki/Q16785388","display_name":"Third party","level":2,"score":0.25}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3719027.3765081","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3765081","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3765081","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2510.13538","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2510.13538","pdf_url":"https://arxiv.org/pdf/2510.13538","source":{"id":"https://openalex.org/S4393918464","display_name":"ArXiv.org","issn_l":"2331-8422","issn":["2331-8422"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"doi:10.1145/3719027.3765081","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3765081","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3765081","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320323322","display_name":"Universit\u00e4t des Saarlandes","ror":"https://ror.org/01jdpyv68"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4415276260.pdf","grobid_xml":"https://content.openalex.org/works/W4415276260.grobid-xml"},"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Managing":[0],"passwords":[1,105,157],"securely":[2],"and":[3,21,37,44,95,136,182,194],"conveniently":[4],"is":[5,87],"still":[6],"an":[7],"open":[8],"problem":[9,43],"for":[10,127,185],"many":[11],"users.":[12],"Existing":[13],"research":[14],"has":[15],"examined":[16],"users'":[17,124,200],"password":[18,46,73,144,186],"management":[19],"strategies":[20],"identified":[22],"pain":[23],"points,":[24],"such":[25,153],"as":[26,81,154,188],"security":[27,99],"concerns,":[28],"leading":[29],"to":[30,75,111,122,149,160,178],"insecure":[31,151],"practices.":[32],"We":[33,67,170],"investigate":[34],"how":[35,45],"Blind":[36],"Low-Vision":[38],"(BLV)":[39],"users":[40,148],"tackle":[41],"this":[42],"managers":[47,74,118,145,187],"can":[48],"assist":[49],"them.":[50],"This":[51],"paper":[52],"presents":[53],"the":[54,85,91,112,176],"results":[55],"of":[56,93,114,143,191],"a":[57,189],"qualitative":[58],"interview":[59],"study":[60],"with":[61,133],"N":[62],"=":[63],"33":[64],"BLV":[65,123,147,199],"participants.":[66],"found":[68],"that":[69],"all":[70],"participants":[71],"utilize":[72],"some":[76],"extent,":[77],"which":[78,129],"they":[79],"perceive":[80],"fairly":[82],"accessible.":[83],"However,":[84],"adoption":[86],"mainly":[88,109],"driven":[89],"by":[90,164,174],"convenience":[92],"storing":[94],"retrieving":[96],"passwords.":[97],"The":[98],"advantages":[100],"--":[101,106],"generating":[102],"strong,":[103],"random":[104],"were":[107],"avoided":[108],"due":[110],"absence":[113],"practical":[115,180],"accessibility.":[116],"Password":[117],"do":[119],"not":[120],"adhere":[121],"underlying":[125],"needs":[126],"agency,":[128],"stem":[130],"from":[131],"experiences":[132],"inaccessible":[134],"software":[135],"vendors":[137],"who":[138],"deprioritize":[139],"accessibility":[140,181],"issues.":[141],"Underutilization":[142],"leads":[146],"adopt":[150],"practices,":[152],"reusing":[155],"predictable":[156],"or":[158],"resorting":[159],"'security":[161],"through":[162],"obscurity'":[163],"writing":[165],"important":[166],"credentials":[167],"in":[168],"braille.":[169],"conclude":[171],"our":[172],"analysis":[173],"discussing":[175],"need":[177],"implement":[179],"usability":[183],"improvements":[184],"way":[190],"establishing":[192],"trust":[193],"secure":[195],"practices":[196],"while":[197],"maintaining":[198],"agency.":[201]},"counts_by_year":[],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-17T00:00:00"}