{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,28]],"date-time":"2025-09-28T20:42:53Z","timestamp":1759092173492,"version":"3.41.0"},"publisher-location":"Cham","reference-count":23,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319459301"},{"type":"electronic","value":"9783319459318"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-45931-8_3","type":"book-chapter","created":{"date-parts":[[2016,9,16]],"date-time":"2016-09-16T07:26:19Z","timestamp":1474010779000},"page":"35-50","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Codes v. People: A Comparative Usability Study of Two Password Recovery Mechanisms"],"prefix":"10.1007","author":[{"given":"Vlasta","family":"Stavova","sequence":"first","affiliation":[]},{"given":"Vashek","family":"Matyas","sequence":"additional","affiliation":[]},{"given":"Mike","family":"Just","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,9,17]]},"reference":[{"key":"3_CR1","unstructured":"Smart phone thefts rose to 3.1 million in 2013 (2014). http:\/\/www.consumerreports.org\/cro\/news\/2014\/04\/smart-phone-thefts-rose-to-3-million-last-year . Accessed 15 Jun 2016"},{"key":"3_CR2","unstructured":"How do i enable two-step verification on my account? (2015). https:\/\/www.dropbox.com\/en\/help\/363 . Accessed 15 Jun 2016"},{"key":"3_CR3","unstructured":"I forgot my password. How do i reset it? (2015). https:\/\/www.dropbox.com\/help\/168 . Accessed 15 Jun 2016"},{"key":"3_CR4","unstructured":"I\u2019m having trouble resetting my password (2015). https:\/\/support.google.com\/accounts\/answer\/1723426?hl=en . Accessed 15 Jun 2016"},{"key":"3_CR5","unstructured":"Security and your Apple ID (2015). https:\/\/support.apple.com\/en-us\/HT201303 . Accessed 15 Jun 2016"},{"key":"3_CR6","unstructured":"Set up a recovery phone number or email address (2015). https:\/\/support.google.com\/accounts\/answer\/183723?hl=en . Accessed 15 Jun 2016"},{"key":"3_CR7","doi-asserted-by":"crossref","unstructured":"Bonneau, J., Bursztein, E., Caron, I., Jackson, R., Williamson, M.: Secrets, lies, and account recovery: lessons from the use of personal knowledge questions at google. In: Proceedings of the 24th International Conference on World Wide Web, pp. 141\u2013150. International World Wide Web Conferences Steering Committee (2015)","DOI":"10.1145\/2736277.2741691"},{"key":"3_CR8","unstructured":"Bonneau, J., Preibusch, S.: The password thicket: technical and market failures in human authentication on the web. In: WEIS (2010)"},{"key":"3_CR9","volume-title":"Nonparametric Statistics: A Step-by-Step Approach","author":"G Corder","year":"2014","unstructured":"Corder, G., Foreman, D.: Nonparametric Statistics: A Step-by-Step Approach. Wiley, New York (2014)"},{"key":"3_CR10","unstructured":"Cubrilovic, N.: The Anatomy of the Twitter Attack (2009). http:\/\/techcrunch.com\/2009\/07\/19\/the-anatomy-of-the-twitter-attack\/ . Accessed 15 Jun 2016"},{"key":"3_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"365","DOI":"10.1007\/978-3-662-45472-5_24","volume-title":"Financial Cryptography and Data Security","author":"A Dmitrienko","year":"2014","unstructured":"Dmitrienko, A., Liebchen, C., Rossow, C., Sadeghi, A.-R.: On the (in)security of mobile two-factor authentication. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 365\u2013383. Springer, Heidelberg (2014)"},{"key":"3_CR12","doi-asserted-by":"crossref","unstructured":"Florencio, D., Herley, C.: A large-scale study of web password habits. In: Proceedings of the 16th International Conference on World Wide Web, pp. 657\u2013666. ACM (2007)","DOI":"10.1145\/1242572.1242661"},{"issue":"8","key":"3_CR13","doi-asserted-by":"publisher","first-page":"1251","DOI":"10.1109\/TIFS.2014.2330311","volume":"9","author":"NZ Gong","year":"2014","unstructured":"Gong, N.Z., Wang, D.: On the security of trustee-based social authentications. IEEE Trans. Inf. Forensics Secur. 9(8), 1251\u20131263 (2014)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"3_CR14","unstructured":"Hamern\u00edk, J.: Autentiza\u010dn\u00ed metody pou\u017e\u00edvan\u00e9 k obnov\u011b p\u0159ihla\u0161ovac\u00edho hesla, Master thesis (in Czech), Masaryk University (2014). Accessed 15 Jun 2016"},{"key":"3_CR15","unstructured":"Honan, M.: How Apple and Amazon Security Flaws Led to My Epic Hacking (2012). http:\/\/www.wired.com\/2012\/08\/apple-amazon-mat-honan-hacking\/all\/ . Accessed 15 Jun 2016"},{"key":"3_CR16","doi-asserted-by":"crossref","unstructured":"Just, M., Aspinall, D.: Personal choice and challenge questions: a security and usability assessment. In: Proceedings of the 5th Symposium on Usable Privacy and Security, p. 8. ACM (2009)","DOI":"10.1145\/1572532.1572543"},{"key":"3_CR17","doi-asserted-by":"crossref","unstructured":"Lee, Y.S., Kim, N.H., Lim, H., Jo, H., Lee, H.J.: Online banking authentication system using mobile-OTP with QR-code. In: 2010 5th International Conference on Computer Sciences and Convergence Information Technology (ICCIT), pp. 644\u2013648. IEEE (2010)","DOI":"10.1109\/ICCIT.2010.5711134"},{"issue":"8","key":"3_CR18","first-page":"937","volume":"5","author":"KC Liao","year":"2010","unstructured":"Liao, K.C., Lee, W.H.: A novel user authentication scheme based on QR-code. J. Netw. 5(8), 937\u2013941 (2010)","journal-title":"J. Netw."},{"key":"3_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"29","DOI":"10.1007\/978-3-642-21708-1_4","volume-title":"Design, User Experience, and Usability","author":"A Moallem","year":"2011","unstructured":"Moallem, A.: Did you forget your password? In: Marcus, A. (ed.) HCII 2011 and DUXU 2011, Part II. LNCS, vol. 6770, pp. 29\u201339. Springer, Heidelberg (2011)"},{"key":"3_CR20","doi-asserted-by":"crossref","unstructured":"Rabkin, A.: Personal knowledge questions for fallback authentication: security questions in the era of Facebook. In: Proceedings of the 4th Symposium on Usable Privacy and Security, pp. 13\u201323. ACM (2008)","DOI":"10.1145\/1408664.1408667"},{"key":"3_CR21","doi-asserted-by":"crossref","unstructured":"Schechter, S., Brush, A.B., Egelman, S.: It\u2019s no secret. Measuring the security and reliability of authentication via secret questions. In: 2009 30th IEEE Symposium on Security and Privacy, pp. 375\u2013390. IEEE (2009)","DOI":"10.1109\/SP.2009.11"},{"key":"3_CR22","doi-asserted-by":"crossref","unstructured":"Schechter, S., Egelman, S., Reeder, R.W.: It\u2019s not what you know, but who you know: a social approach to last-resort authentication. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 1983\u20131992. ACM (2009)","DOI":"10.1145\/1518701.1519003"},{"key":"3_CR23","unstructured":"Wikipedia: Sarah Palin email hack \u2014 Wikipedia, The Free Encyclopedia (2015). https:\/\/en.wikipedia.org\/w\/index.php?title=Sarah_Palin_email_hack&direction=next&oldid=667446959 . Accessed 15 Jun 2016"}],"container-title":["Lecture Notes in Computer Science","Information Security Theory and Practice"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-45931-8_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,10]],"date-time":"2025-06-10T19:13:31Z","timestamp":1749582811000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-45931-8_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319459301","9783319459318"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-45931-8_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"17 September 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"WISTP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on Information Security Theory and Practice","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Heraklion","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Greece","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2016","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 September 2016","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 September 2016","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"wistp2016","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}