The Password You Hope You Never Use: Use Cases for Duress Authentication

Christina Frederikke Nissen; Oksana  Kulyk

doi:10.1145/3715070.3749266

The Password You Hope You Never Use: Use Cases for Duress Authentication

Publikation: Konference artikel i Proceeding eller bog/rapport kapitel › Konferenceabstrakt i proceedings › Forskning › peer review

Abstract

While passwords are the most widely used method of authentication, concerns about duress attacks have emerged because attackers are motivated to gain access to our sensitive data. To mitigate this, researchers have proposed duress passwords, allowing users to signal to a system that they are under duress silently. We conduct a survey (𝑁 = 281) to investigate users’ perceptions of potential use cases for duress passwords. Our findings show that users perceive critical societal systems and institutions as use cases due to potentially high consequences of a successful duress attack. Further, they consider personal accounts, such as banking, to benefit from implementing duress passwords. Overall, our findings pave the way for future research aimed at developing solutions effective against duress attacks.

Originalsprog	Engelsk
Titel	Companion Publication of the 2025 Conference on Computer-Supported Cooperative Work and Social Computing
Antal sider	5
Udgivelsessted	New York, USA
Forlag	Association for Computing Machinery
Publikationsdato	17 okt. 2025
Sider	435 - 439
ISBN (Elektronisk)	9798400714801
DOI	https://doi.org/10.1145/3715070.3749266
Status	Udgivet - 17 okt. 2025
Begivenhed	Conference on Computer-Supported Cooperative Work and Social Computing - Bergen, Norge Varighed: 18 okt. 2025 → 22 okt. 2025

Konference

Konference	Conference on Computer-Supported Cooperative Work and Social Computing
Land/Område	Norge
By	Bergen
Periode	18/10/2025 → 22/10/2025

Adgang til dokumentet

10.1145/3715070.3749266Licens: Ikke-specificeret

Duress_Authentication_Use_Cases_CSCWIndsendt manuskript, 420 KB

UCORV: UCORV - Designing usable coercion resistant Internet voting systems
Kulyk, O. (PI), Schürmann, C. (CoI), Barkhuus, L. (CoI) & Nissen, C. F. (CoI)
Danmarks Frie Forskningsfond
01/07/2023 → 30/06/2027
Projekter: Projekt › Forskning

Citationsformater

@inbook{26a3fc51b9114ba198868f63cd99af21,

title = "The Password You Hope You Never Use: Use Cases for Duress Authentication",

abstract = "While passwords are the most widely used method of authentication, concerns about duress attacks have emerged because attackers are motivated to gain access to our sensitive data. To mitigate this, researchers have proposed duress passwords, allowing users to signal to a system that they are under duress silently. We conduct a survey (𝑁 = 281) to investigate users{\textquoteright} perceptions of potential use cases for duress passwords. Our findings show that users perceive critical societal systems and institutions as use cases due to potentially high consequences of a successful duress attack. Further, they consider personal accounts, such as banking, to benefit from implementing duress passwords. Overall, our findings pave the way for future research aimed at developing solutions effective against duress attacks.",

keywords = "Duress password, Panic password, Authentication, User Study, Use Cases, Perceptions",

author = "Nissen, \{Christina Frederikke\} and Oksana Kulyk",

year = "2025",

month = oct,

day = "17",

doi = "10.1145/3715070.3749266",

language = "English",

pages = "435 -- 439",

booktitle = "Companion Publication of the 2025 Conference on Computer-Supported Cooperative Work and Social Computing",

publisher = "Association for Computing Machinery",

address = "United States",

note = "Conference on Computer-Supported Cooperative Work and Social Computing, CSCW 25 ; Conference date: 18-10-2025 Through 22-10-2025",

}

Nissen, CF & Kulyk, O 2025, The Password You Hope You Never Use: Use Cases for Duress Authentication. i Companion Publication of the 2025 Conference on Computer-Supported Cooperative Work and Social Computing. Association for Computing Machinery, New York, USA , s. 435 - 439, Conference on Computer-Supported Cooperative Work and Social Computing, Bergen, Norge, 18/10/2025. https://doi.org/10.1145/3715070.3749266

The Password You Hope You Never Use: Use Cases for Duress Authentication. / Nissen, Christina Frederikke ; Kulyk, Oksana .
Companion Publication of the 2025 Conference on Computer-Supported Cooperative Work and Social Computing. New York, USA : Association for Computing Machinery, 2025. s. 435 - 439.

Publikation: Konference artikel i Proceeding eller bog/rapport kapitel › Konferenceabstrakt i proceedings › Forskning › peer review

TY - ABST

T1 - The Password You Hope You Never Use: Use Cases for Duress Authentication

AU - Nissen, Christina Frederikke

AU - Kulyk, Oksana

PY - 2025/10/17

Y1 - 2025/10/17

N2 - While passwords are the most widely used method of authentication, concerns about duress attacks have emerged because attackers are motivated to gain access to our sensitive data. To mitigate this, researchers have proposed duress passwords, allowing users to signal to a system that they are under duress silently. We conduct a survey (𝑁 = 281) to investigate users’ perceptions of potential use cases for duress passwords. Our findings show that users perceive critical societal systems and institutions as use cases due to potentially high consequences of a successful duress attack. Further, they consider personal accounts, such as banking, to benefit from implementing duress passwords. Overall, our findings pave the way for future research aimed at developing solutions effective against duress attacks.

AB - While passwords are the most widely used method of authentication, concerns about duress attacks have emerged because attackers are motivated to gain access to our sensitive data. To mitigate this, researchers have proposed duress passwords, allowing users to signal to a system that they are under duress silently. We conduct a survey (𝑁 = 281) to investigate users’ perceptions of potential use cases for duress passwords. Our findings show that users perceive critical societal systems and institutions as use cases due to potentially high consequences of a successful duress attack. Further, they consider personal accounts, such as banking, to benefit from implementing duress passwords. Overall, our findings pave the way for future research aimed at developing solutions effective against duress attacks.

KW - Duress password

KW - Panic password

KW - Authentication

KW - User Study

KW - Use Cases

KW - Perceptions

U2 - 10.1145/3715070.3749266

DO - 10.1145/3715070.3749266

M3 - Conference abstract in proceedings

SP - 435

EP - 439

BT - Companion Publication of the 2025 Conference on Computer-Supported Cooperative Work and Social Computing

PB - Association for Computing Machinery

CY - New York, USA

T2 - Conference on Computer-Supported Cooperative Work and Social Computing

Y2 - 18 October 2025 through 22 October 2025

ER -

The Password You Hope You Never Use: Use Cases for Duress Authentication

Abstract

Konference

Adgang til dokumentet

Fingeraftryk

Projekter

UCORV: UCORV - Designing usable coercion resistant Internet voting systems

Citationsformater