The Password You Hope You Never Use: Use Cases for Duress Authentication

Christina Frederikke Nissen; Oksana  Kulyk

doi:10.1145/3715070.3749266

The Password You Hope You Never Use: Use Cases for Duress Authentication

Research output: Conference Article in Proceeding or Book/Report chapter › Conference abstract in proceedings › Research › peer-review

Abstract

While passwords are the most widely used method of authentication, concerns about duress attacks have emerged because attackers are motivated to gain access to our sensitive data. To mitigate this, researchers have proposed duress passwords, allowing users to signal to a system that they are under duress silently. We conduct a survey (𝑁 = 281) to investigate users’ perceptions of potential use cases for duress passwords. Our findings show that users perceive critical societal systems and institutions as use cases due to potentially high consequences of a successful duress attack. Further, they consider personal accounts, such as banking, to benefit from implementing duress passwords. Overall, our findings pave the way for future research aimed at developing solutions effective against duress attacks.

Original language	English
Title of host publication	Companion Publication of the 2025 Conference on Computer-Supported Cooperative Work and Social Computing
Number of pages	5
Place of Publication	New York, USA
Publisher	Association for Computing Machinery
Publication date	17 Oct 2025
Pages	435 - 439
ISBN (Electronic)	9798400714801
DOIs	https://doi.org/10.1145/3715070.3749266
Publication status	Published - 17 Oct 2025
Event	Conference on Computer-Supported Cooperative Work and Social Computing - Bergen, Norway Duration: 18 Oct 2025 → 22 Oct 2025

Conference

Conference	Conference on Computer-Supported Cooperative Work and Social Computing
Country/Territory	Norway
City	Bergen
Period	18/10/2025 → 22/10/2025

Keywords

Duress password
Panic password
Authentication
User Study
Use Cases
Perceptions

Access to Document

10.1145/3715070.3749266Licence: Unspecified

Duress_Authentication_Use_Cases_CSCWSubmitted manuscript, 420 KB

UCORV: Designing usable coercion resistant Internet voting systems
Kulyk, O. (PI), Schürmann, C. (CoI), Barkhuus, L. (CoI) & Nissen, C. F. (CoI)
Independent Research Fund Denmark
01/07/2023 → 30/06/2027
Project: Research

Cite this

@inbook{26a3fc51b9114ba198868f63cd99af21,

title = "The Password You Hope You Never Use: Use Cases for Duress Authentication",

abstract = "While passwords are the most widely used method of authentication, concerns about duress attacks have emerged because attackers are motivated to gain access to our sensitive data. To mitigate this, researchers have proposed duress passwords, allowing users to signal to a system that they are under duress silently. We conduct a survey (𝑁 = 281) to investigate users{\textquoteright} perceptions of potential use cases for duress passwords. Our findings show that users perceive critical societal systems and institutions as use cases due to potentially high consequences of a successful duress attack. Further, they consider personal accounts, such as banking, to benefit from implementing duress passwords. Overall, our findings pave the way for future research aimed at developing solutions effective against duress attacks.",

keywords = "Duress password, Panic password, Authentication, User Study, Use Cases, Perceptions",

author = "Nissen, \{Christina Frederikke\} and Oksana Kulyk",

year = "2025",

month = oct,

day = "17",

doi = "10.1145/3715070.3749266",

language = "English",

pages = "435 -- 439",

booktitle = "Companion Publication of the 2025 Conference on Computer-Supported Cooperative Work and Social Computing",

publisher = "Association for Computing Machinery",

address = "United States",

note = "Conference on Computer-Supported Cooperative Work and Social Computing, CSCW 25 ; Conference date: 18-10-2025 Through 22-10-2025",

}

Nissen, CF & Kulyk, O 2025, The Password You Hope You Never Use: Use Cases for Duress Authentication. in Companion Publication of the 2025 Conference on Computer-Supported Cooperative Work and Social Computing. Association for Computing Machinery, New York, USA , pp. 435 - 439, Conference on Computer-Supported Cooperative Work and Social Computing, Bergen, Norway, 18/10/2025. https://doi.org/10.1145/3715070.3749266

The Password You Hope You Never Use: Use Cases for Duress Authentication. / Nissen, Christina Frederikke ; Kulyk, Oksana .
Companion Publication of the 2025 Conference on Computer-Supported Cooperative Work and Social Computing. New York, USA : Association for Computing Machinery, 2025. p. 435 - 439.

Research output: Conference Article in Proceeding or Book/Report chapter › Conference abstract in proceedings › Research › peer-review

TY - ABST

T1 - The Password You Hope You Never Use: Use Cases for Duress Authentication

AU - Nissen, Christina Frederikke

AU - Kulyk, Oksana

PY - 2025/10/17

Y1 - 2025/10/17

N2 - While passwords are the most widely used method of authentication, concerns about duress attacks have emerged because attackers are motivated to gain access to our sensitive data. To mitigate this, researchers have proposed duress passwords, allowing users to signal to a system that they are under duress silently. We conduct a survey (𝑁 = 281) to investigate users’ perceptions of potential use cases for duress passwords. Our findings show that users perceive critical societal systems and institutions as use cases due to potentially high consequences of a successful duress attack. Further, they consider personal accounts, such as banking, to benefit from implementing duress passwords. Overall, our findings pave the way for future research aimed at developing solutions effective against duress attacks.

AB - While passwords are the most widely used method of authentication, concerns about duress attacks have emerged because attackers are motivated to gain access to our sensitive data. To mitigate this, researchers have proposed duress passwords, allowing users to signal to a system that they are under duress silently. We conduct a survey (𝑁 = 281) to investigate users’ perceptions of potential use cases for duress passwords. Our findings show that users perceive critical societal systems and institutions as use cases due to potentially high consequences of a successful duress attack. Further, they consider personal accounts, such as banking, to benefit from implementing duress passwords. Overall, our findings pave the way for future research aimed at developing solutions effective against duress attacks.

KW - Duress password

KW - Panic password

KW - Authentication

KW - User Study

KW - Use Cases

KW - Perceptions

U2 - 10.1145/3715070.3749266

DO - 10.1145/3715070.3749266

M3 - Conference abstract in proceedings

SP - 435

EP - 439

BT - Companion Publication of the 2025 Conference on Computer-Supported Cooperative Work and Social Computing

PB - Association for Computing Machinery

CY - New York, USA

T2 - Conference on Computer-Supported Cooperative Work and Social Computing

Y2 - 18 October 2025 through 22 October 2025

ER -

The Password You Hope You Never Use: Use Cases for Duress Authentication

Abstract

Conference

Keywords

Access to Document

Fingerprint

Projects

UCORV: Designing usable coercion resistant Internet voting systems

Cite this