{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,30]],"date-time":"2025-12-30T09:00:05Z","timestamp":1767085205210,"version":"3.40.3"},"publisher-location":"Cham","reference-count":17,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319299372"},{"type":"electronic","value":"9783319299389"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-29938-9_3","type":"book-chapter","created":{"date-parts":[[2016,3,8]],"date-time":"2016-03-08T05:42:49Z","timestamp":1457415769000},"page":"39-44","source":"Crossref","is-referenced-by-count":2,"title":["Analyzing 4 Million Real-World Personal Knowledge Questions (Short Paper)"],"prefix":"10.1007","author":[{"given":"Maximilian","family":"Golla","sequence":"first","affiliation":[]},{"given":"Markus","family":"D\u00fcrmuth","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"3_CR1","unstructured":"Newitz, A.: Ashley Madison code shows more women, and more bots, August 2015. \n                      http:\/\/www.wired.com\/2015\/08\/happened-hackers-posted-stolen-ashley-madison-data\/\n                      \n                    . 6 January 2016"},{"key":"3_CR2","doi-asserted-by":"crossref","unstructured":"Bonneau, J.: The science of guessing: analyzing an anonymized corpus of 70 million passwords. In: IEEE Symposium on Security and Privacy. IEEE (2012)","DOI":"10.1109\/SP.2012.49"},{"key":"3_CR3","doi-asserted-by":"crossref","unstructured":"Bonneau, J., Bursztein, E., Caron, I., Jackson, R., Williamson, M.: Secrets, lies, and account recovery: lessons from the use of personal knowledge questions at Google. In: International World Wide Web Conference IW3C2 (2015)","DOI":"10.1145\/2736277.2741691"},{"key":"3_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"98","DOI":"10.1007\/978-3-642-14577-3_10","volume-title":"Financial Cryptography and Data Security","author":"J Bonneau","year":"2010","unstructured":"Bonneau, J., Just, M., Matthews, G.: What\u2019s in a name? Evaluating statistical attacks on personal knowledge questions. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 98\u2013113. Springer, Heidelberg (2010)"},{"key":"3_CR5","doi-asserted-by":"crossref","unstructured":"Brainard, J., Juels, A., Rivest, R.L., Szydlo, M., Yung, M.: Fourth factor authentication: somebody you know. In: ACM Conference on Computer and Communications Security, pp. 168\u2013178. ACM Press (2006)","DOI":"10.1145\/1180405.1180427"},{"issue":"6","key":"3_CR6","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1109\/MSECP.2003.1253564","volume":"1","author":"SL Garfinkel","year":"2003","unstructured":"Garfinkel, S.L.: Email-based identification and authentication: an alternative to PKI? IEEE Secur. Priv. 1(6), 20\u201326 (2003)","journal-title":"IEEE Secur. Priv."},{"key":"3_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"91","DOI":"10.1007\/11496137_7","volume-title":"Applied Cryptography and Network Security","author":"V Griffith","year":"2005","unstructured":"Griffith, V., Jakobsson, M.: Messin\u2019 with Texas - Deriving mother\u2019s maiden names using public records. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 91\u2013103. Springer, Heidelberg (2005)"},{"key":"3_CR8","doi-asserted-by":"crossref","unstructured":"Jakobsson, M., Stolterman, E., Wetzel, S., Yang, L.: Love and authentication. In: SIGCHI Conference on Human Factors in Computing Systems, pp. 197\u2013200. ACM Press (2008)","DOI":"10.1145\/1357054.1357087"},{"issue":"5","key":"3_CR9","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1109\/MSP.2004.80","volume":"2","author":"M Just","year":"2004","unstructured":"Just, M.: Designing and evaluating challenge-question systems. IEEE Secur. Priv. 2(5), 32\u201339 (2004)","journal-title":"IEEE Secur. Priv."},{"key":"3_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-32946-3_1","volume-title":"Financial Cryptography and Data Security","author":"H Kim","year":"2012","unstructured":"Kim, H., Tang, J., Anderson, R.: Social authentication: harder than it looks. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 1\u201315. Springer, Heidelberg (2012)"},{"key":"3_CR11","unstructured":"Zetter, K.: Hackers finally post stolen Ashley Madison data, August 2015. \n                      http:\/\/gizmodo.com\/ashley-madison-code-shows-more-women-and-more-bots-1727613924\n                      \n                    . 6 January 2016"},{"key":"3_CR12","volume-title":"The art of deception: controlling the human element of security","author":"KD Mitnick","year":"2002","unstructured":"Mitnick, K.D., Simon, W.L.: The art of deception: controlling the human element of security. Wiley, New York (2002)"},{"key":"3_CR13","doi-asserted-by":"crossref","unstructured":"Rabkin, A.: Personal knowledge questions for fallback authentication: security questions in the era of Facebook. In: USENIX Symposium on Usable Privacy and Security, pp. 13\u201323. USENIX Association (2008)","DOI":"10.1145\/1408664.1408667"},{"issue":"3","key":"3_CR14","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1109\/MSP.2007.75","volume":"5","author":"D Rosenblum","year":"2007","unstructured":"Rosenblum, D.: What anyone can know: the privacy risks of social networking sites. IEEE Secur. Priv. 5(3), 40\u201349 (2007)","journal-title":"IEEE Secur. Priv."},{"key":"3_CR15","doi-asserted-by":"crossref","unstructured":"Schechter, S., Brush, A.J.B., Egelman, S.: It\u2019s no secret: measuring the security and reliability of authentication via \u201cSecret\u201d questions. In: IEEE Symposium on Security and Privacy, pp. 375\u2013390. IEEE Computer Society (2009)","DOI":"10.1145\/1572532.1572580"},{"key":"3_CR16","doi-asserted-by":"crossref","unstructured":"Schechter, S., Egelman, S., Reeder, R.W.: It\u2019s not what you know, but who you know: a social approach to last-resort authentication. In: SIGCHI Conference on Human Factors in Computing Systems, pp. 1983\u20131992. ACM Press (2009)","DOI":"10.1145\/1518701.1519003"},{"issue":"3","key":"3_CR17","doi-asserted-by":"publisher","first-page":"227","DOI":"10.1093\/comjnl\/36.3.227","volume":"36","author":"M Zviran","year":"1993","unstructured":"Zviran, M., Haga, W.J.: A comparison of password techniques for multilevel authentication mechanisms. Comput. J. 36(3), 227\u2013237 (1993)","journal-title":"Comput. J."}],"container-title":["Lecture Notes in Computer Science","Technology and Practice of Passwords"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-29938-9_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,1]],"date-time":"2019-06-01T13:22:40Z","timestamp":1559395360000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-29938-9_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319299372","9783319299389"],"references-count":17,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-29938-9_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]}}}