{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,28]],"date-time":"2026-04-28T22:36:04Z","timestamp":1777415764727,"version":"3.51.4"},"publisher-location":"Berlin, Heidelberg","reference-count":20,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642035487","type":"print"},{"value":"9783642035494","type":"electronic"}],"license":[{"start":{"date-parts":[[2009,1,1]],"date-time":"2009-01-01T00:00:00Z","timestamp":1230768000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-03549-4_14","type":"book-chapter","created":{"date-parts":[[2009,7,16]],"date-time":"2009-07-16T06:05:28Z","timestamp":1247724328000},"page":"230-237","source":"Crossref","is-referenced-by-count":59,"title":["Passwords: If We\u2019re So Smart, Why Are We Still Using Them?"],"prefix":"10.1007","author":[{"given":"Cormac","family":"Herley","sequence":"first","affiliation":[]},{"given":"P. C.","family":"van Oorschot","sequence":"additional","affiliation":[]},{"given":"Andrew S.","family":"Patrick","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"14_CR1","doi-asserted-by":"crossref","unstructured":"Anderson, R., Bohme, R., Clayton, R., Moore, T.: Security Economics and the Internal Market. ENISA (European Network and Information Security Agency). Shortened version: Security Economics and European Policy (March 2008)","DOI":"10.1007\/978-0-387-09762-6_3"},{"key":"14_CR2","unstructured":"Bank of America \u2013 Online Banking. SiteKey at Bank of America, http:\/\/www.bankofamerica.com\/privacy\/sitekey\/"},{"key":"14_CR3","unstructured":"Bank of America. SafePass: Online Banking Security Enhancements, http:\/\/www.bankofamerica.com\/privacy\/index.cfm?template=learn_about_safepass"},{"key":"14_CR4","unstructured":"CA\/Browser Forum, http:\/\/www.cabforum.org\/"},{"key":"14_CR5","unstructured":"Chiasson, S.: Usable Authentication and Click-Based Graphical Passwords. PhD thesis, Carleton University, Ottawa, Canada (January 2009)"},{"key":"14_CR6","doi-asserted-by":"crossref","unstructured":"Drimer, S., Murdoch, S.J., Anderson, R.: Thinking Inside the Box: System-level Failures of Tamper Proofing. In: Proc. 2008 IEEE Symposium on Security and Privacy (2008)","DOI":"10.1109\/SP.2008.16"},{"key":"14_CR7","doi-asserted-by":"crossref","unstructured":"Drimer, S., Murdoch, S.J., Anderson, R.: Optimised To Fail: Card Readers for Online Banking. In: Financial Cryptography and Data Security (2009)","DOI":"10.1007\/978-3-642-03549-4_11"},{"key":"14_CR8","doi-asserted-by":"crossref","unstructured":"Flor\u00eancio, D., Herley, C.: A Large-scale Study of Web Password Habits. In: Proc. of World Wide Web Conference (2007)","DOI":"10.1145\/1242572.1242661"},{"key":"14_CR9","unstructured":"Flor\u00eancio, D., Herley, C., Coskun, B.: Do Strong Web Passwords Accomplish Anything? In: Proc. of Usenix HotSec (2007)"},{"key":"14_CR10","unstructured":"Hansell, S.: What\u2019s the Password? Only Your iPhone Knows. Bits Blog (Business, Innovation, Technology, Society), The New York Times, March 31 (2009)"},{"key":"14_CR11","doi-asserted-by":"crossref","unstructured":"Herley, C., Flor\u00eancio, D.: A Profitless Endeavor: Phishing as Tragedy of the Commons. In: New Security Paradigms Workshop (NSPW) (2008)","DOI":"10.1145\/1595676.1595686"},{"key":"14_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1007\/978-3-540-77366-5_27","volume-title":"Financial Cryptography and Data Security","author":"C. Jackson","year":"2007","unstructured":"Jackson, C., Simon, D.R., Tan, D.S., Barth, A.: An Evaluation of Extended Validation and Picture-in-Picture Phishing Attacks. In: Dietrich, S., Dhamija, R. (eds.) FC 2007 and USEC 2007. LNCS, vol.\u00a04886, pp. 281\u2013293. Springer, Heidelberg (2007)"},{"key":"14_CR13","volume-title":"Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft","year":"2007","unstructured":"Jakobsson, M., Myers, S. (eds.): Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft. John Wiley and Sons, Chichester (2007)"},{"key":"14_CR14","doi-asserted-by":"crossref","unstructured":"Mannan, M., van Oorschot, P.C.: Security and Usability: The Gap in Real-World Online Banking. In: New Security Paradigms Workshop 2007 (NSPW) (2007)","DOI":"10.1145\/1600176.1600178"},{"key":"14_CR15","series-title":"LNBIP","first-page":"233","volume-title":"4th MCETECH Conference on eTechnologies","author":"P.C. Oorschot van","year":"2009","unstructured":"van Oorschot, P.C., Wan, T.: TwoStep: An Authentication Method Combining Text and Graphical Passwords. In: 4th MCETECH Conference on eTechnologies. LNBIP, vol.\u00a026, pp. 233\u2013239. Springer, Heidelberg (2009)"},{"key":"14_CR16","unstructured":"Patrick, A.S.: Commentary on research on new security indicators (2007), http:\/\/www.andrewpatrick.ca\/essays\/commentary-on-research-on-new-security-indicators\/ (retrieved March 3, 2009)"},{"key":"14_CR17","doi-asserted-by":"crossref","unstructured":"Rabkin, A.: Personal Knowledge Questions for Fallback Authentication. In: SOUPS (2008)","DOI":"10.1145\/1408664.1408667"},{"key":"14_CR18","doi-asserted-by":"crossref","unstructured":"Schechter, S.E., Dhamija, R., Ozment, A., Fischer, I.: The Emperor\u2019s New Security Indicators. In: Proc. 2007 IEEE Symposium on Security and Privacy (2007)","DOI":"10.1109\/SP.2007.35"},{"key":"14_CR19","doi-asserted-by":"crossref","unstructured":"Shamir, A.: SecureClick: A Web Payment System with Disposable Credit Card Numbers. In: Financial Cryptography (2001)","DOI":"10.1007\/3-540-46088-8_20"},{"key":"14_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"411","DOI":"10.1007\/978-3-540-88313-5_27","volume-title":"Computer Security - ESORICS 2008","author":"J. Sobey","year":"2008","unstructured":"Sobey, J., Biddle, R., van Oorschot, P.C., Patrick, A.S.: Exporing User Reactions to Browser Cues for Extended Valiation Certificates. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol.\u00a05283, pp. 411\u2013427. Springer, Heidelberg (2008)"}],"container-title":["Lecture Notes in Computer Science","Financial Cryptography and Data Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-03549-4_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,21]],"date-time":"2019-05-21T10:20:15Z","timestamp":1558434015000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-03549-4_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642035487","9783642035494"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-03549-4_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2009]]}}}