Comments on: Ka-Ping Yee and Kragen Sitaker: Passpet http://usablesecurity.com/2006/07/13/ka-ping-yee-and-kragen-sitaker-passpet/ Every system has a user. Fri, 21 Nov 2008 00:45:34 +0000 http://wordpress.org/?v=abc By: Richard M. Conlan http://usablesecurity.com/2006/07/13/ka-ping-yee-and-kragen-sitaker-passpet/#comment-31306 Richard M. Conlan Wed, 21 Feb 2007 10:27:22 +0000 http://usablesecurity.com/2006/07/13/ka-ping-yee-and-kragen-sitaker-passpet/#comment-31306 How do you see it being used? Do you know how you'll be licensing it an' all that? How do you see it being used? Do you know how you’ll be licensing it an’ all that?

]]> By: Ping http://usablesecurity.com/2006/07/13/ka-ping-yee-and-kragen-sitaker-passpet/#comment-31259 Ping Wed, 21 Feb 2007 05:29:52 +0000 http://usablesecurity.com/2006/07/13/ka-ping-yee-and-kragen-sitaker-passpet/#comment-31259 The Passpet code is online at mozdev, but it's not ready for a release yet. There are a few UI bugs that still have to be fixed. The Passpet code is online at mozdev, but it’s not ready for a release yet. There are a few UI bugs that still have to be fixed.

]]> By: DM http://usablesecurity.com/2006/07/13/ka-ping-yee-and-kragen-sitaker-passpet/#comment-30434 DM Fri, 16 Feb 2007 20:29:45 +0000 http://usablesecurity.com/2006/07/13/ka-ping-yee-and-kragen-sitaker-passpet/#comment-30434 Any progress on a public beta of passpet? This looks like a really cool tool.... -impatient in Ann Arbor Any progress on a public beta of passpet? This looks like a really cool tool….

-impatient in Ann Arbor

]]> By: identity 2.0 / Phishing w OpenID http://usablesecurity.com/2006/07/13/ka-ping-yee-and-kragen-sitaker-passpet/#comment-25277 identity 2.0 / Phishing w OpenID Sat, 20 Jan 2007 23:10:36 +0000 http://usablesecurity.com/2006/07/13/ka-ping-yee-and-kragen-sitaker-passpet/#comment-25277 [...] System Passpet. Przyznam szczerze, że jeszcze nie doczytałem do końca o co chodzi, ale wygląda ciekawie. [...] [...] System Passpet. Przyznam szczerze, że jeszcze nie doczytałem do końca o co chodzi, ale wygląda ciekawie. [...]

]]> By: Michael http://usablesecurity.com/2006/07/13/ka-ping-yee-and-kragen-sitaker-passpet/#comment-5796 Michael Fri, 14 Jul 2006 20:41:20 +0000 http://usablesecurity.com/2006/07/13/ka-ping-yee-and-kragen-sitaker-passpet/#comment-5796 Sorry, just read the Section 11 of the paper and thus saw the website at passpet.org. So my questions are answered. Sorry,
just read the Section 11 of the paper and thus saw the website at passpet.org.
So my questions are answered.

]]> By: Michael http://usablesecurity.com/2006/07/13/ka-ping-yee-and-kragen-sitaker-passpet/#comment-5795 Michael Fri, 14 Jul 2006 20:26:04 +0000 http://usablesecurity.com/2006/07/13/ka-ping-yee-and-kragen-sitaker-passpet/#comment-5795 Ping, (and others) when will Passpet be available ? Or where can I download it. So far there seam to be just placeholders at the mozilla webpages or mirrors. How is it implemented, thus will it be possible to port Passpet for Opera as well (if you have any idea) at some time ? (most probably Passpet could be a reason to switch to FF - even though I wouldn't like too much) I very much like this work and the focus on useability combined with security. :-) Ping, (and others)
when will Passpet be available ? Or where can I download it. So far there seam to be just placeholders at the mozilla webpages or mirrors.
How is it implemented, thus will it be possible to port Passpet for Opera as well (if you have any idea) at some time ? (most probably Passpet could be a reason to switch to FF - even though I wouldn’t like too much)
I very much like this work and the focus on useability combined with security. :-)

]]> By: Richard M. Conlan http://usablesecurity.com/2006/07/13/ka-ping-yee-and-kragen-sitaker-passpet/#comment-5750 Richard M. Conlan Thu, 13 Jul 2006 19:09:04 +0000 http://usablesecurity.com/2006/07/13/ka-ping-yee-and-kragen-sitaker-passpet/#comment-5750 This study contained a lot of very interesting ideas and I think Passpet itself is rather well designed. I am somewhat concerned that site labels will tend to be predictable in many cases - for instance, most users will probably label www.paypal.com with "paypal"; however, it isn't clear how much of a problem this is since it should still be hard to guess the pet's name and image. I suspect it may improve security, and possibly user-satisfaction, to let user's choose the pet's type and name themselves. I have been working with realtime feedback on password strength for awhile now and have some intriguing preliminary results. For more information see: http://www.embracetherandom.com/changePasswordUIStudy/ I am hoping to put together a larger study by recruiting faculty/TAs from various institutions to participate by using the Dropbox-Online.com homework submission system this coming fall. Please contact me if you're interested in participating! This study contained a lot of very interesting ideas and I think Passpet itself is rather well designed. I am somewhat concerned that site labels will tend to be predictable in many cases - for instance, most users will probably label http://www.paypal.com with “paypal”; however, it isn’t clear how much of a problem this is since it should still be hard to guess the pet’s name and image. I suspect it may improve security, and possibly user-satisfaction, to let user’s choose the pet’s type and name themselves.

I have been working with realtime feedback on password strength for awhile now and have some intriguing preliminary results. For more information see:

http://www.embracetherandom.com/changePasswordUIStudy/

I am hoping to put together a larger study by recruiting faculty/TAs from various institutions to participate by using the Dropbox-Online.com homework submission system this coming fall. Please contact me if you’re interested in participating!

]]>