{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T04:31:43Z","timestamp":1773117103885,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":27,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783662583869","type":"print"},{"value":"9783662583876","type":"electronic"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-662-58387-6_9","type":"book-chapter","created":{"date-parts":[[2019,8,29]],"date-time":"2019-08-29T11:03:39Z","timestamp":1567076619000},"page":"160-179","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":47,"title":["Why Johnny Doesn\u2019t Use Two Factor A Two-Phase Usability Study of the FIDO U2F Security Key"],"prefix":"10.1007","author":[{"given":"Sanchari","family":"Das","sequence":"first","affiliation":[]},{"given":"Andrew","family":"Dingman","sequence":"additional","affiliation":[]},{"given":"L. Jean","family":"Camp","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,12,7]]},"reference":[{"issue":"6221","key":"9_CR1","doi-asserted-by":"publisher","first-page":"509","DOI":"10.1126\/science.aaa1465","volume":"347","author":"A. Acquisti","year":"2015","unstructured":"Acquisti, A., Brandimarte, L., Loewenstein, G.: Privacy and human behavior in the age of information. Science 347(6221), 509\u2013514 (2015). \n                      http:\/\/science.sciencemag.org\/content\/347\/6221\/509.short\n                      \n                    . Accessed 04 May 2017","journal-title":"Science"},{"key":"9_CR2","doi-asserted-by":"crossref","unstructured":"Bauer, L., et al.: A user study of policy creation in a exible access-control system. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM, pp. 543\u2013552 (2008)","DOI":"10.1145\/1357054.1357143"},{"issue":"4","key":"9_CR3","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1145\/2333112.2333114","volume":"44","author":"R Biddle","year":"2012","unstructured":"Biddle, R., Chiasson, S., Van Oorschot, P.C.: Graphical passwords: learning from the first twelve years. ACM Comput. Surv. (CSUR) 44(4), 19 (2012)","journal-title":"ACM Comput. Surv. (CSUR)"},{"key":"9_CR4","doi-asserted-by":"publisher","unstructured":"Bonneau, J., et al.: The quest to replace passwords: a framework for comparative evaluation of web authentication schemes. In: 2012 IEEE Symposium on Security and Privacy (SP), May 2012, pp. 553\u2013567. \n                      https:\/\/doi.org\/10.1109\/SP.2012.44\n                      \n                    , \n                      http:\/\/ieeexplore.ieee.org\/xpl\/articleDetails.jsp?arnumber=6234436","DOI":"10.1109\/SP.2012.44"},{"issue":"1","key":"9_CR5","doi-asserted-by":"publisher","first-page":"73","DOI":"10.1109\/MTS.2013.2241294","volume":"32","author":"Vaibhav Garg","year":"2013","unstructured":"Camp, L.J., Abbott, J., Chen, S.: CPasswords: leveraging episodic memory and human-centered design for better authentication. In: 2016 49th Hawaii International Conference on System Sciences (HICSS), January 2016, pp. 3656\u20133665. \n                      https:\/\/doi.org\/10.1109\/MTS.2013.2241294","journal-title":"IEEE Technology and Society Magazine"},{"key":"9_CR6","unstructured":"Fagan, M., Khan, M.M.H.: Why do they do what they do?: A study of what motivates users to (not) follow computer security advice. In: Twelfth Symposium on Usable Privacy and Security (SOUPS 2016) (2016)"},{"issue":"1","key":"9_CR7","doi-asserted-by":"publisher","first-page":"73","DOI":"10.1109\/MTS.2013.2241294","volume":"32","author":"V Garg","year":"2013","unstructured":"Garg, V., Camp, J.: Heuristics and biases: implications for security design. IEEE Technol. Soc. Mag. 32(1), 73\u201379 (2013). \n                      https:\/\/doi.org\/10.1109\/MTS.2013.2241294\n                      \n                    . ISSN 0278\u20130097","journal-title":"IEEE Technol. Soc. Mag."},{"key":"9_CR8","unstructured":"Grossklags, J., Acquisti, A.: When 25 cents is too much: an experiment on willingness-to-sell and willingness-to-protect personal information. In: WEIS (2007)"},{"key":"9_CR9","doi-asserted-by":"crossref","unstructured":"Inglesant, P.G., Sasse, M.A.: The true cost of unusable password policies: password use in the wild. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM, pp. 383\u2013392 (2010)","DOI":"10.1145\/1753326.1753384"},{"key":"9_CR10","unstructured":"Kelley, T., Rajivan, P., Camp, L.J.: An assessment of computer and security expertise. Technical report, March 2014"},{"key":"9_CR11","doi-asserted-by":"crossref","unstructured":"Komanduri, S., et al.: Of passwords and people: measuring the effect of password-composition policies. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM, pp. 2595\u20132604 (2011)","DOI":"10.1145\/1978942.1979321"},{"key":"9_CR12","doi-asserted-by":"crossref","unstructured":"Krol, K., et al.: \u201cThey brought in the horrible key ring thing!\" analysing the usability of two-factor authentication in uk online banking. arXiv preprint \n                      arXiv:1501.04434\n                      \n                     (2015)","DOI":"10.14722\/usec.2015.23001"},{"key":"9_CR13","doi-asserted-by":"publisher","first-page":"422","DOI":"10.1007\/978-3-662-54970-4_25","volume-title":"Financial Cryptography and Data Security","author":"Juan Lang","year":"2017","unstructured":"Lang, J., Czeskis, A., Balfanz, D., Schilder, M., Srinivas, S.: Security keys: practical cryptographic second factors for the modern web. In: Grossklags, J., Preneel, B. (eds.) FC 2016. LNCS, vol. 9603, pp. 422\u2013440. Springer, Heidelberg (2017). \n                      https:\/\/doi.org\/10.1007\/978-3-662-54970-4_25\n                      \n                    . \n                      http:\/\/fc16.ifca.ai\/preproceedings\/25_Lang.pdf"},{"key":"9_CR14","unstructured":"McDowell, B.: Strong Authentication Canine, June 2015. \n                      https:\/\/www.youtube.com\/watch?v=sdJ47NFGlgk"},{"key":"9_CR15","doi-asserted-by":"crossref","unstructured":"M\u2019Raihi, D., et al.: Rfc 6238-totp: time-based one-time password algorithm (2011)","DOI":"10.17487\/rfc6238"},{"key":"9_CR16","doi-asserted-by":"crossref","unstructured":"M\u2019Raihi, D., et al.: RFC 4226: HOTP: an HMAC-based one-time password algorithm (2005)","DOI":"10.17487\/rfc4226"},{"key":"9_CR17","unstructured":"New password guidelines say everything we thought about passwords is wrong. VentureBeat, 18 April 2017. \n                      https:\/\/venturebeat.com\/2017\/04\/18\/new-password-guidelines-say-everything-we-thought-about-passwords-is-wrong\/\n                      \n                    . Accessed 04 May 2017"},{"key":"9_CR18","doi-asserted-by":"publisher","unstructured":"Norcie, G., et al.: Why Johnny can\u2019t blow the whistle: identifying and reducing usability issues in anonymity systems. In: Internet Society (2014). \n                      https:\/\/doi.org\/10.14722\/usec.2014.23022\n                      \n                    , \n                      http:\/\/www.internetsociety.org\/doc\/why-johnny-cant-blow-whistle-identifying-and-reducing-usability-issues-anonymity-systems\n                      \n                    . Accessed 11 May 2017. ISBN 978-1-891562-37-2","DOI":"10.14722\/usec.2014.23022"},{"key":"9_CR19","unstructured":"Rajivan, P., et al.: What can Johnny do?-Factors in an end-user expertise instrument. In: Proceedings of the Tenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016). Lulu.com, p. 199 (2016)"},{"key":"9_CR20","unstructured":"Reeder, R.W., Maxion, R.A.: User interface dependability through goal-error prevention. In: International Conference on Dependable Systems and Networks, DSN 2005, Proceedings. IEEE, pp. 60\u201369 (2005)"},{"key":"9_CR21","unstructured":"Srinivas, S., et al.: Universal 2nd factor (U2F) overview. In: FIDO Alliance Proposed Standard, pp. 1\u20135 (2015)"},{"key":"9_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1007\/978-3-642-25867-1_6","volume-title":"Security Protocols XIX","author":"F Stajano","year":"2011","unstructured":"Stajano, F.: Pico: no more passwords!. In: Christianson, B., Crispo, B., Malcolm, J., Stajano, F. (eds.) Security Protocols 2011. LNCS, vol. 7114, pp. 49\u201381. Springer, Heidelberg (2011). \n                      https:\/\/doi.org\/10.1007\/978-3-642-25867-1_6"},{"key":"9_CR23","unstructured":"Use Security Key for 2-Step Verification - Android. \n                      https:\/\/support.google.com\/accounts\/answer\/6103523?hl=en&ref_topic=6103521"},{"key":"9_CR24","unstructured":"Wash, R., et al.: Understanding password choices: How frequently entered passwords are re-used across websites. In: Symposium on Usable Privacy and Security (SOUPS) (2016)"},{"issue":"4","key":"9_CR25","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1145\/1330311.1330320","volume":"51","author":"R West","year":"2008","unstructured":"West, R.: The psychology of security. Commun. ACM 51(4), 34\u201340 (2008). \n                      http:\/\/dl.acm.org\/citation.cfm?id=1330320\n                      \n                    . Accessed 05 Apr 2017","journal-title":"Commun. ACM"},{"key":"9_CR26","unstructured":"Whitten, A., Tygar, J.D.: Why: Johnny can\u2019t encrypt: a usability evaluation of PGP 5.0. In: USENIX Security Symposium, vol. 99 (1999)"},{"key":"9_CR27","doi-asserted-by":"crossref","unstructured":"Zurko, M.E., Simon, R.T.: User-centered security. In: Proceedings of the 1996 workshop on New security paradigms. ACM, pp. 27\u201333 (1996)","DOI":"10.1145\/304851.304859"}],"container-title":["Lecture Notes in Computer Science","Financial Cryptography and Data Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-662-58387-6_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,29]],"date-time":"2019-08-29T11:04:25Z","timestamp":1567076665000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-662-58387-6_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783662583869","9783662583876"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-662-58387-6_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"7 December 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"FC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Financial Cryptography and Data Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Nieuwpoort","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Cura\u00e7ao","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 February 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2 March 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"fc2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/fc18.ifca.ai\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"110","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"27","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"25% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,27","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,27","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}