1. RIEMAN, John; FRANZKE, Marita; REDMILES, David. Usability Evaluation with the Cognitive Walkthrough. In: Conference Companion on Human Factors in Computing Systems. Denver, Colorado, USA: Association for Computing Machinery, 1995, pp. 387–388. CHI ’95. isbn 0897917553. doi 10.1145/223355.223735. Available from:

2. SCARFONE, Karen A; JANSEN, Wayne; TRACY, Miles. SP 800-123. Guide to general server security [online]. National Institute of Standards and Technology, 2008 [visited on 2022-05-13]. Available from:

3. PETITCOLAS, Fabien. Electronic version and English translation of “La cryptographie militaire” [online] [visited on 2022-05-06]. Available from:

4. The Open Source Definition [online]. OSI [visited on 2022-03-20]. Available from:

5. POTDAR, Vidyasagar; CHANG, Elizabeth. Open source and closed source software development methodologies. In: 26th International Conference on Software Engineering. 2004, pp. 105–109. doi 10.1049/ic:20040275. Available from:

6. Global market share held by operating systems for desktop PCs, from January 2013 to December 2021 [online]. Statista Research Department, 2021-02-23 [visited on 2022-03-20]. Available from:

7. List of password managers [online]. Wikipedia [visited on 2022-03-20]. Available from:

8. Comparison of disk encryption software [online]. Wikipedia [visited on 2022-03-20]. Available from:

9. List of applications/Security [online]. ArchWiki [visited on 2022-03-20]. Available from:

10. FAURE, Maxime; EHRET, Flavien. Open Source Security Tools. 2019. Internal internship report.

11. PECUCH, Daniel. Password managers: a survey [online]. Brno, 2021 [cit. 2022-03-20]. Available also from: Bachelor thesis. Masaryk University, Faculty of Informatics. SUPERVISOR : Lukáš Němec.

12. HULINA, Andrej. Operating systems for privacy and anonymity: a survey [online]. Brno, 2021 [cit. 2022-03-20]. Available also from: Bachelor thesis. Masaryk University, Faculty of Informatics. SUPERVISOR : Lukáš Němec.

13. MATYÁŠ, Václav; KRAUS, Lydia; LE CLANCHE, Alexandre; SKARMETA, Antonio; NĚMEC, Lukáš. Open tool taxonomy with proposed portal structure and selection of tools for D7.5. 2020. Internal project consortium report.

14. GARFINKEL, S.L.; SHELAT, A. Remembrance of data passed: a study of disk sanitization practices. IEEE Security & Privacy. 2003, vol. 1, no. 1, pp. 17–27. doi 10.1109/MSECP.2003.1176992. Available from:

15. DWORKIN, Morris J; BARKER, Elaine B; NECHVATAL, James R; FOTI, James; BASSHAM, Lawrence E; ROBACK, E; DRAY JR, James F, et al. Advanced encryption standard (AES) [online]. National Institute of Standards and Technology, 2001 [visited on 2022-05-13]. Available from:

16. KALISKI, Burt. PKCS #5: Password-Based Cryptography Specification Version 2.0 [RFC 2898]. RFC Editor, 2000. Request for Comments, no. 2898. doi: 10.17487/RFC2898. Available from:

17. DÜRMUTH, Markus; GÜNEYSU, Tim; KASPER, Markus; PAAR, Christof; YALCIN, Tolga; ZIMMERMANN, Ralf. Evaluation of standardized password-based key derivation against parallel processing platforms. In: European Symposium on Research in Computer Security. 2012, pp. 716–733. isbn 978-3-642-33167-1. Available from:

18. BLOCKI, Jeremiah; HARSHA, Benjamin; ZHOU, Samson. On the economics of offline password cracking: Memory Hard Functions. In: 2018 IEEE Symposium on Security and Privacy (SP) [online]. 2018, pp. 853–871 [visited on 2022-05-13]. Available from:

19. PERCIVAL, Colin; JOSEFSSON, Simon. The scrypt Password-Based Key Derivation Function [RFC 7914]. RFC Editor, 2016. Request for Comments, no. 7914. doi 10.17487/RFC7914. Available from:

20. BIRYUKOV, Alex; DINU, Daniel; KHOVRATOVICH, Dmitry. Argon2: new generation of memory-hard functions for password hashing and other applications. In: 2016 IEEE European Symposium on Security and Privacy (EuroS&P) [online]. 2016, pp. 292–302 [visited on 2022-05-13]. Available from:

21. BIRYUKOV, Alex; DINU, Daniel; KHOVRATOVICH, Dmitry; JOSEFSSON, Simon. Argon2 Memory-Hard Function for Password Hashing and Proof-of-Work Applications [RFC 9106]. RFC Editor, 2021. Request for Comments, no. 9106. doi 10.17487/RFC9106. Available from:

22. KHATI, Louiza; MOUHA, Nicky; VERGNAUD, Damien. Full Disk Encryption: Bridging Theory and Practice. In: HANDSCHUH, Helena (ed.). Topics in Cryptology – CT-RSA 2017. Cham: Springer International Publishing, 2017, pp. 241–257. isbn 978-3-319-52153-4. Available from:

23. IEEE Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices. IEEE Std 1619-2018 (Revision of IEEE Std 1619-2007). 2019, pp. 1–41. doi 10.1109/IEEESTD.2019.8637988. Available from:

24. DWORKIN, Morris. Recommendation for block cipher modes of operation: The XTS-AES mode for confidentiality on storage devices. NIST Special Publication [online]. 2010, vol. 800, no. 38E, 38E [visited on 2022-05-13]. Available from:

25. CARBONE, Richard; BEAN, C; SALOIS, M. An in-depth analysis of the cold boot attack: Can it be used for sound forensic memory acquisition?: What is the cold boot attack? [Online]. 2011 [visited on 2022-05-12]. Available from:

26. BROŽ, Milan. LUKS2 On-Disk Format Specification [online]. 2022 [visited on 2022-05-12]. Available from:

27. VISCONTI, Andrea; MOSNÁČEK, Ondrej; BROŽ, Milan; MATYÁŠ, Vashek. Examining PBKDF2 security margin—Case study of LUKS. Journal of Information Security and Applications. 2019, vol. 46, pp. 296–306. issn 2214-2126. Available from doi:

28. KEDZIORA, Michal; CHOW, Yang-Wai; SUSILO, Willy. Defeating Plausible Deniability of VeraCrypt Hidden Operating Systems. In: BATTEN, Lynn; KIM, Dong Seong; ZHANG, Xuyun; LI, Gang (eds.). Applications and Techniques in Information Security. Singapore: Springer Singapore, 2017, pp. 3–13. isbn 978-981-10-5421-1. Available from:

29. Header Key Derivation, Salt, and Iteration Count [online]. VeraCrypt [visited on 2022-05-14]. Available from:

30. TURAN, Meltem Sönmez; BARKER, Elaine B; BURR, William E; CHEN, Lidong. Sp 800-132. recommendation for password-based key derivation: Part 1: Storage applications. NIST Special Publication [online]. 2010 [visited on 2022-05-12]. Available from:

31. GUJRATI, Sumeet; VASSERMAN, Eugene Y. The Usability of Truecrypt, or How i Learned to Stop Whining and Fix an Interface. In: Proceedings of the Third ACM Conference on Data and Application Security and Privacy. San Antonio, Texas, USA: Association for Computing Machinery, 2013, pp. 83–94. CODASPY ’13. isbn 9781450318907. doi 10.1145/2435349.2435360. Available from:

32. About libfuse [online]. libfuse GitHub [visited on 2022-05-12]. Available from:

33. fscrypt – Design Document (PUBLIC) [online]. 2016 [visited on 2022-05-12]. Available from:

34. BENO, Richard; POET, Ron. Hacking Passwords That Satisfy Common Password Policies: Hacking Passwords. In: 13th International Conference on Security of Information and Networks. Merkez, Turkey: Association for Computing Machinery, 2020. SIN 2020. isbn 9781450387514. doi 10.1145/3433174.3433616. Available from:

35. HERLEY, Cormac. So Long, and No Thanks for the Externalities: The Rational Rejection of Security Advice by Users. In: Proceedings of the 2009 Workshop on New Security Paradigms Workshop. Oxford, United Kingdom: Association for Computing Machinery, 2009, pp. 133–144. NSPW ’09. isbn 9781605588452 doi 10.1145/1719030.1719050. Available from:

36. MA, Wanli; CAMPBELL, John; TRAN, Dat; KLEEMAN, Dale. Password Entropy and Password Quality. In: 2010 Fourth International Conference on Network and System Security. 2010, pp. 583–587. doi 10.1109/NSS.2010.18. Available from:

37. zxcvbn: realistic password strength estimation [online]. Dropbox.Tech [visited on 2022-05-12]. Available from:

38. About zxcvbn [online]. zxcvbn GitHub [visited on 2022-05-12]. Available from:

39. GRASSI, Paul A; FENTON, James L; NEWTON, Elaine M; PERLNER, Ray A; REGENSCHEID, Andrew R; BURR, William E; RICHER, Justin P; LEFKOVITZ, Naomi B; DANKER, Jamie M; CHOONG, YeeYin, et al. Sp 800-63b: Digital Identity Guidelines. NIST Special Publication [online]. 2017 [visited on 2022-05-12]. Available from:

40. OESCH, Sean; RUOTI, Scott. That Was Then, This is Now: A Security Evaluation of Password Generation, Storage, and Autofill in Browser-Based Password Managers. In: Proceedings of the 29th USENIX Conference on Security Symposium. USA: USENIX Association, 2020. isbn 978-1-939133-17-5. Available from:

41. SHEN, Chao; YU, Tianwen; XU, Haodi; YANG, Gengshan; GUAN, Xiaohong. User practice in password security: An empirical study of real-life passwords in the wild. Computers & Security. 2016, vol. 61, pp. 130–141. issn 0167-4048. Available from doi:

42. Top 200 most common passwords [online]. NordPass [visited on 2022-05-12]. Available from:

43. FLORENCIO, Dinei; HERLEY, Cormac. A Large-Scale Study of Web Password Habits. In: Proceedings of the 16th International Conference on World Wide Web. Banff, Alberta, Canada: Association for Computing Machinery, 2007, pp. 657–666. WWW ’07. isbn 9781595936547. Available from doi: 10.1145/1242572.1242661

44. Study Reveals Average Person Has 100 Passwords [online]. [visited on 2022-05-12]. Available from:

45. DELL’AMICO, Matteo; MICHIARDI, Pietro; ROUDIER, Yves. Password Strength: An Empirical Analysis. In: 2010 Proceedings IEEE INFOCOM. 2010, pp. 1–9. doi 10.1109/INFCOM.2010.5461951. Available from:

46. RILEY, Shannon. Password security: What users know and what they actually do. Usability News [online]. 2006, vol. 8, no. 1, pp. 2833–2836 [visited on 2022-05-12]. Available from:

47. DAS, Anupam; BONNEAU, Joseph; CAESAR, Matthew; BORISOV, Nikita; WANG, XiaoFeng. The tangled web of password reuse. In: NDSS [online]. 2014, vol. 14, pp. 23–26 [visited on 2022-05-12]. No. 2014. Available from:

48. Development stopped [online]. KeePassX [visited on 2022-05-12]. Available from:

49. SymmetricCipher.cpp [online]. KeePassXC GitHub [visited on 2022-05-12]. Available from:

50. Back up and restore information in Firefox profiles [online]. Support [visited on 2022-05-12]. Available from:

51. Bug 1764205 – Firefox should use modern algorithms in PKCS#12 files by default [online]. Red Hat Bugzilla [visited on 2022-05-14]. Available from:

52. CALLAS, J.; DONNERHACKE, L.; FINNEY, H.; SHAW, D.; THAYER, R. OpenPGP Message Format [RFC 4880]. RFC Editor, 2007. Request for Comments, no. 4880. doi 10.17487/RFC4880. Available from:

53. FAGAN, Michael; ALBAYRAM, Yusuf; KHAN, Mohammad Maifi Hasan; BUCK, Ross. An investigation into users’ considerations towards using password managers. Human-centric Computing and Information Sciences [online]. 2017, vol. 7, no. 1, pp. 1–20 [visited on 2022-05-12]. Available from:

54. Reset your Primary Password if you’ve forgotten it [online]. Support [visited on 2022-05-14]. Available from:

55. Add special characters / symbols to generated passwords [online]. Bugzilla [visited on 2022-05-14]. Available from:

56. Number of e-mail users worldwide from 2017 to 2025 [online]. Statista Research Department, 2022-04-28 [visited on 2022-05-12]. Available from:

57. Number of sent and received e-mails per day worldwide from 2017 to 2025 [online]. Statista Research Department, 2021-10-19 [visited on 2022-05-12]. Available from:

58. KLENSIN, J. Simple Mail Transfer Protocol [RFC 5321]. RFC Editor, 2008. Request for Comments, no. 5321. doi 10.17487/RFC5321. Available from:

59. MELNIKOV, A.; LEIBA, B. Internet Message Access Protocol (IMAP) – Version 4rev2 [RFC 9051]. RFC Editor, 2021. Request for Comments, no. 9051. doi 10.17487/RFC9051. Available from:

60. MYERS, J.; ROSE, M. Post Office Protocol – Version 3 [RFC 1939]. RFC Editor, 1996. Request for Comments, no. 1939. doi 10.17487/RFC1939. Available from:

61. RESCORLA, E. The Transport Layer Security (TLS) Protocol Version 1.3 [RFC8446]. RFC Editor, 2018. Request for Comments, no. 8446. doi 10.17487/RFC8446. Available from:

62. Transparency report: Email encryption in transit [online]. Google [visited on 2022-05-12]. Available from:

63. WHITTEN, Alma; TYGAR, J. D. Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0. In: 8th USENIX Security Symposium (USENIX Security 99) [online]. Washington, D.C.: USENIX Association, 1999 [visited on 2022-05-12]. Available from:

64. RUOTI, Scott; SEAMONS, Kent. Johnny’s Journey Toward Usable Secure Email. IEEE Security Privacy. 2019, vol. 17, no. 6, pp. 72–76. doi 10.1109/MSEC.2019.2933683. Available from:

65. GERBER, Nina; ZIMMERMANN, Verena; HENHAPL, Birgit; EMERÖZ, Sinem; VOLKAMER, Melanie. Finally Johnny Can Encrypt: But Does This Make Him Feel More Secure? In: Proceedings of the 13th International Conference on Availability, Reliability and Security. Hamburg, Germany: Association for Computing Machinery, 2018. ARES 2018. isbn 9781450364485. doi 10.1145/3230833.3230859. Available from:

66. RUOTI, Scott; ANDERSEN, Jeff; ZAPPALA, Daniel; SEAMONS, Kent. Why Johnny Still, Still Can’t Encrypt: Evaluating the Usability of a Modern PGP Client. arXiv, 2015. doi 10.48550/ARXIV.1510.08555. Available from:

67. HERZBERG, Amir; LEIBOWITZ, Hemi. Can Johnny Finally Encrypt? Evaluating E2E-Encryption in Popular IM Applications. In: Los Angeles, California: Association for Computing Machinery, 2016, pp. 17–28. STAST ’16. isbn 9781450348263. doi 10.1145/3046055.3046059. Available from:

68. DEKKER, Marnix. Encrypted email is for nobody really [online]. LinkedIn, 2017-10-27 [visited on 2022-05-12]. Available from:

69. Frequently Asked Questions: Security [online]. Mailvelope [visited on 2022-05-12]. Available from:

70. GNOME Human Interface Guidelines [online]. GNOME [visited on 2022-05-12]. Available from:

71. Computer Security Research Center: Glossary [online]. NIST [visited on 2022-05-12]. Available from:

72. TEVAULT, Donald A. Mastering Linux Security and Hardening: Secure your Linux server and protect it from intruders, malware attacks, and other external threats [online]. Packt Publishing Ltd, 2018 [visited on 2022-05-12]. Available from:

73. Linux hardening steps for starters [online]. Linux Audit, 2014-05-30 [visited on 2022-05-12]. Available from:

74. Package Maintainers: Staying Close to Upstream Projects [online]. Fedora Docs [visited on 2022-05-12]. Available from:

75. Security Features [online]. Fedora Wiki [visited on 2022-05-12]. Available from: h

76. 40 Linux Statistics You Need to Know [online]. Kommando Tech, 2022-04-13 [visited on 2022-05-12]. Available from:

77. Security: Features [online]. Ubuntu Wiki [visited on 2022-05-12]. Available from:

78. The Ubuntu lifecycle and release cadence [online]. Ubuntu [visited on 2022-05-12]. Available from:

79. eCryptfs development tree [online]. git repositories [visited on 2022-05-13]. Available from:

80. Official eCryptfs releases, signed archives and changelogs [online]. Launchpad [visited on 2022-05-13]. Available from:

81. Chromium: Terms and Conditions [online]. WaybackMachine Internet Archive, 2008-09-02 [visited on 2022-05-12]. Available from:

82. Limiting Private API availability in Chromium [online]. Chromium Blog, 2021-01-15 [visited on 2022-05-12]. Available from:

83. Chromium: Force a password store [online]. Arch Wiki [visited on 2022-05-12]. Available from:

84. Chromium: Linux Password Storage [online]. WaybackMachine Internet Archive [visited on 2022-05-12]. Available from:

85. Less secure apps & your Google Account [online]. Google [visited on 2022-05-12]. Available from:

86. ČIERNIKOVÁ, Tamara. Selected open tools supporting security and privacy protection for regular end-users [online]. Brno. Available from: Bachelor’s thesis. Masaryk University, Faculty of Informatics. Thesis supervisor Václav MATYÁŠ.