A Security/Usability Review of Wordpress 2FA Plugins

The story of L0phtCrack

Pushing on String: Adventures in the 'Don't Care' Regions of Password Strength

What would fix passwords? Some weekly password audits. Pretty graphs to prove it! (A Haiku)

Breachego

Tell Me Who You Are, and I Will Tell You Your Lock Pattern

Scrutinizing WPA2 Password Generating Algorithms in Wireless Routers

Poppin' (Digital) Locks

Privileges in the Real World: Securing Password Management

Security Questions Considered Harmful

I Forgot My Password

Harvesting Passwords from Source Code, Scripts, and Code Repositories

Towards Standardizing Comparisons of Password Guessability

Stronger Password-Based Encryption Using I/O Hardness

Auth for Encrypted Services with Server Side APT

Blind Hashing

PBKDF2: Performance Matters

Password Alert by Google

No More Graphical Passwords

How Secure Are Multi-Word Random Passphrases?

Are You Sure That You Still Need Passwords?