{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T00:52:32Z","timestamp":1740099152520,"version":"3.37.3"},"publisher-location":"Cham","reference-count":29,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030011406"},{"type":"electronic","value":"9783030011413"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-030-01141-3_3","type":"book-chapter","created":{"date-parts":[[2018,10,1]],"date-time":"2018-10-01T06:54:57Z","timestamp":1538376897000},"page":"37-53","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["A Spark Is Enough in a Straw World: A Study of Websites Password Management in the Wild"],"prefix":"10.1007","author":[{"given":"Simone","family":"Raponi","sequence":"first","affiliation":[]},{"given":"Roberto","family":"Di Pietro","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,10,2]]},"reference":[{"key":"3_CR1","unstructured":"2012 linkedin breach just got a lot worse: 117 million new logins for sale. https:\/\/threatpost.com\/2012-linkedin-breach-just-got-a-lot-worse-117-million-new-logins-for-sale\/118173\/ . Accessed June 2018"},{"key":"3_CR2","unstructured":"6.5 million linkedin passwords reportedly leaked, linkedin is looking into it. http:\/\/goo.gl\/dWMvd7 . Accessed June 2018"},{"key":"3_CR3","unstructured":"Amazon alexa topsites. http:\/\/money.cnn.com\/2017\/10\/03\/technology\/business\/yahoo-breach-3-billion-accounts\/index.html . Accessed June 2018"},{"key":"3_CR4","unstructured":"Blockchain last block. https:\/\/blockchain.info\/block\/0000000000000000001ba3bf33b8c46856dfc05a3b3aebffa245f16269b54dc1 . Accessed June 2018"},{"key":"3_CR5","unstructured":"Every single yahoo account was hacked - 3 billion in all. https:\/\/www.alexa.com\/topsites . Accessed June 2018"},{"key":"3_CR6","unstructured":"Gdpr portal. https:\/\/www.eugdpr.org\/ . Accessed June 2018"},{"key":"3_CR7","unstructured":"How are alexas traffic rankings determined? http:\/\/goo.gl\/jMjpeS . Accessed June 2018"},{"key":"3_CR8","unstructured":"Inside the russian hack of yahoo: How they did it. https:\/\/www.csoonline.com\/article\/3180762\/data-breach\/inside-the-russian-hack-of-yahoo-how-they-did-it.html . Accessed June 2018"},{"key":"3_CR9","unstructured":"Man-in-the-middle attack. https:\/\/www.owasp.org\/index.php\/Man-in-the-middle_attack . Accessed June 2018"},{"key":"3_CR10","unstructured":"Protonmail. https:\/\/protonmail.com\/ . Accessed June 2018"},{"key":"3_CR11","unstructured":"Protonmail - two factor authentication (2fa). https:\/\/protonmail.com\/support\/knowledge-base\/two-factor-authentication\/ . Accessed June 2018"},{"key":"3_CR12","unstructured":"The real life risks of re using the same passwords. https:\/\/pixelprivacy.com\/resources\/reusing-passwords\/ . Accessed June 2018"},{"key":"3_CR13","unstructured":"Stronger security for your google account. https:\/\/www.google.com\/landing\/2step\/ . Accessed June 2018"},{"key":"3_CR14","unstructured":"Using burp to brute force a login page. https:\/\/goo.gl\/jfwiCJ . Accessed June 2018"},{"key":"3_CR15","unstructured":"Website security statistics report. https:\/\/info.whitehatsec.com\/rs\/whitehatsecurity\/images\/2015-Stats-Report.pdf . Accessed June 2018"},{"key":"3_CR16","doi-asserted-by":"crossref","unstructured":"Brainard, J., Juels, A., Rivest, R.L., Szydlo, M., Yung, M.: Fourth-factor authentication: somebody you know. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 168\u2013178. ACM (2006)","DOI":"10.1145\/1180405.1180427"},{"key":"3_CR17","doi-asserted-by":"crossref","unstructured":"Dell\u2019Amico, M., Michiardi, P., Roudier, Y.: Password strength: an empirical analysis. In: Proceedings of IEEE INFOCOM 2010, pp. 1\u20139. IEEE (2010)","DOI":"10.1109\/INFCOM.2010.5461951"},{"key":"3_CR18","doi-asserted-by":"crossref","unstructured":"Florencio, D., Herley, C.: A large-scale study of web password habits. In: Proceedings of the 16th International Conference on World Wide Web, pp. 657\u2013666. ACM (2007)","DOI":"10.1145\/1242572.1242661"},{"issue":"7\u20138","key":"3_CR19","doi-asserted-by":"publisher","first-page":"445","DOI":"10.1016\/j.cose.2007.09.001","volume":"26","author":"S Furnell","year":"2007","unstructured":"Furnell, S.: An assessment of website password practices. Comput. Secur. 26(7\u20138), 445\u2013451 (2007)","journal-title":"Comput. Secur."},{"issue":"9","key":"3_CR20","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1016\/S1361-3723(07)70115-X","volume":"2007","author":"S Furnell","year":"2007","unstructured":"Furnell, S.: A comparison of website user authentication mechanisms. Comput. Fraud Secur. 2007(9), 5\u20139 (2007)","journal-title":"Comput. Fraud Secur."},{"issue":"6","key":"3_CR21","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1109\/MSECP.2003.1253564","volume":"99","author":"SL Garfinkel","year":"2003","unstructured":"Garfinkel, S.L.: Email-based identification and authentication: an alternative to PKI? IEEE Secur. Privacy 99(6), 20\u201326 (2003)","journal-title":"IEEE Secur. Privacy"},{"key":"3_CR22","doi-asserted-by":"crossref","unstructured":"Just, M., Aspinall, D.: Personal choice and challenge questions: a security and usability assessment. In: Proceedings of the 5th Symposium on Usable Privacy and Security, p. 8. ACM (2009)","DOI":"10.1145\/1572532.1572543"},{"issue":"6","key":"3_CR23","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1145\/2246036.2254400","volume":"10","author":"Poul-Henning Kamp","year":"2012","unstructured":"Kamp, P.H., et al.: Linkedin password leak: salt their hide. ACM Queue 10(6), 20 (2012)","journal-title":"Queue"},{"key":"3_CR24","unstructured":"Ladakis, E., Koromilas, L., Vasiliadis, G., Polychronakis, M., Ioannidis, S.: You can type, but you can hide: a stealthy GPU-based keylogger. In: Proceedings of the 6th European Workshop on System Security (EuroSec) (2013)"},{"key":"3_CR25","unstructured":"Parker, D.B.: Fighting Computer Crime. Scribner, New York (1983)"},{"issue":"2","key":"3_CR26","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1109\/MSP.2011.1","volume":"9","author":"R Reeder","year":"2011","unstructured":"Reeder, R., Schechter, S.: When the password doesn\u2019t work: secondary authentication for websites. IEEE Secur. Privacy 9(2), 43\u201349 (2011)","journal-title":"IEEE Secur. Privacy"},{"key":"3_CR27","doi-asserted-by":"crossref","unstructured":"Schechter, S., Egelman, S., Reeder, R.W.: It\u2019s not what you know, but who you know: a social approach to last-resort authentication. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 1983\u20131992. ACM (2009)","DOI":"10.1145\/1518701.1519003"},{"key":"3_CR28","unstructured":"Stobert, E., Biddle, R.: The password life cycle: user behaviour in managing passwords. In: Proceedings of SOUPS (2014)"},{"issue":"5","key":"3_CR29","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1109\/MSP.2004.81","volume":"2","author":"J Yan","year":"2004","unstructured":"Yan, J., Blackwell, A., Anderson, R., Grant, A.: Password memorability and security: empirical results. IEEE Secur. Privacy 2(5), 25\u201331 (2004). https:\/\/doi.org\/10.1109\/MSP.2004.81","journal-title":"IEEE Secur. Privacy"}],"container-title":["Lecture Notes in Computer Science","Security and Trust Management"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-01141-3_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,25]],"date-time":"2019-10-25T01:05:39Z","timestamp":1571965539000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-01141-3_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783030011406","9783030011413"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-01141-3_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"STM","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Workshop on Security and Trust Management","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Barcelona","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Spain","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"6 September 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7 September 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"stm2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.nics.uma.es\/pub\/stm18\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"28","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"8","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"29% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}}]}}