{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T17:54:37Z","timestamp":1772042077028,"version":"3.50.1"},"reference-count":18,"publisher":"Springer Science and Business Media LLC","issue":"2-3","license":[{"start":{"date-parts":[[2015,4,4]],"date-time":"2015-04-04T00:00:00Z","timestamp":1428105600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Des. Codes Cryptogr."],"published-print":{"date-parts":[[2015,12]]},"DOI":"10.1007\/s10623-015-0071-9","type":"journal-article","created":{"date-parts":[[2015,4,3]],"date-time":"2015-04-03T18:18:39Z","timestamp":1428085119000},"page":"401-408","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":33,"title":["Quantifying the security advantage of password expiration policies"],"prefix":"10.1007","volume":"77","author":[{"given":"Sonia","family":"Chiasson","sequence":"first","affiliation":[]},{"given":"P. C.","family":"van Oorschot","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,4,4]]},"reference":[{"key":"71_CR1","doi-asserted-by":"crossref","unstructured":"Bonneau J.: The science of guessing: analyzing an anonymized corpus of 70 million passwords. In: IEEE 2012 Symposium on Security and Privacy.","DOI":"10.1109\/SP.2012.49"},{"key":"71_CR2","unstructured":"Bonneau J., Herley C., van Oorschot P.C., Stajano F.: The past, present, and future of password-based authentication on the web. Commun. ACM (2015, to appear)."},{"key":"71_CR3","doi-asserted-by":"crossref","unstructured":"Burr W., Dodson D.F., Polk W.T., (eds). Electronic authentication guideline. NIST Special Pub 800\u201363 Version 1.0, June 2004 (Later versions include Burr et al., NIST SP-800-63-2, Aug 2013).","DOI":"10.6028\/NIST.SP.800-63-2"},{"key":"71_CR4","doi-asserted-by":"crossref","unstructured":"Cheswick W.: Rethinking passwords. Commun. ACM 56(2), 40\u201344 (2013).","DOI":"10.1145\/2408776.2408790"},{"key":"71_CR5","unstructured":"Curry D.A.: UNIX System Security: A Guide for Users and System Administrators. Addison-Wesley, Boston (1992)."},{"key":"71_CR6","doi-asserted-by":"crossref","unstructured":"Desmedt Y.G.: Unconditionally secure authentication schemes and practical and theoretical consequences. In: Advances in Cryptology\u2014CRYPTO\u201985 Proceedings, LNCS, vol. 218, pp. 42\u201355. Springer, Berlin (1986).","DOI":"10.1007\/3-540-39799-X_6"},{"key":"71_CR7","doi-asserted-by":"crossref","unstructured":"van Dijk M., Juels A., Oprea A., Rivest R.L.: FlipIt: the game of \u201cstealthy takeover\u201d. J. Cryptol. 26(4), 655\u2013713 (2013).","DOI":"10.1007\/s00145-012-9134-5"},{"key":"71_CR8","doi-asserted-by":"crossref","unstructured":"Florencio D., Herley C.: Where do security policies come from? In: ACM SOUPS (2010).","DOI":"10.1145\/1837110.1837124"},{"key":"71_CR9","unstructured":"Florencio D., Herley C., van Oorschot P.C.: An administrator\u2019s guide to internet password research. In: USENIX LISA (2014)."},{"key":"71_CR10","doi-asserted-by":"crossref","unstructured":"Herley C., van Oorschot P.C.: A research agenda acknowledging the persistence of passwords. IEEE Secur. Priv. 10(1), 28\u201336 (2012).","DOI":"10.1109\/MSP.2011.150"},{"key":"71_CR11","doi-asserted-by":"crossref","unstructured":"Gage Kelley P., et al.: Guess again (and again and again): measuring password strength by simulating password-cracking algorithms. In: IEEE 2012 Symposium on Security and Privacy.","DOI":"10.21236\/ADA570747"},{"key":"71_CR12","doi-asserted-by":"crossref","unstructured":"Mazurek M., et al.: Measuring password guessability for an entire university. In: ACM CCS (2013).","DOI":"10.1145\/2508859.2516726"},{"key":"71_CR13","doi-asserted-by":"crossref","unstructured":"Narayanan A., Schmatikov V.: Fast dictionary attacks on passwords using time-space tradeoff. In: ACM CCS (2005).","DOI":"10.1145\/1102120.1102168"},{"key":"71_CR14","doi-asserted-by":"crossref","unstructured":"Quisquater J.-J., Desmedt Y.G.: Chinese lotto as an exhaustive code-breaking machine. IEEE Comput. 24(11), 14\u201322 (1991).","DOI":"10.1109\/2.116847"},{"key":"71_CR15","unstructured":"Schechter S., Herley C., Mitzenmacher M.: Popularity is everything: a new approach to protecting passwords from statistical-guessing attacks. In: USENIX HotSec (2010)."},{"key":"71_CR16","doi-asserted-by":"crossref","unstructured":"Weir M., Aggarwal S., de Medeiros B., Glodek B.: Password cracking using probabilistic context-free grammars. In: IEEE 2009 Symposium on Security and Privacy.","DOI":"10.1109\/SP.2009.8"},{"key":"71_CR17","doi-asserted-by":"crossref","unstructured":"Weir M., Aggarwal S., Collins M., Stern H.: Testing metrics for password creation policies by attacking large sets of revealed passwords. In: ACM CCS (2010).","DOI":"10.1145\/1866307.1866327"},{"key":"71_CR18","doi-asserted-by":"crossref","unstructured":"Zhang Y., Monrose F., Reiter M.K.: The security of modern password expiration: an algorithmic framework and empirical analysis. In: ACM CCS (2010).","DOI":"10.1145\/1866307.1866328"}],"container-title":["Designs, Codes and Cryptography"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-015-0071-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10623-015-0071-9\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-015-0071-9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,22]],"date-time":"2019-08-22T22:10:13Z","timestamp":1566511813000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10623-015-0071-9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,4,4]]},"references-count":18,"journal-issue":{"issue":"2-3","published-print":{"date-parts":[[2015,12]]}},"alternative-id":["71"],"URL":"https:\/\/doi.org\/10.1007\/s10623-015-0071-9","relation":{},"ISSN":["0925-1022","1573-7586"],"issn-type":[{"value":"0925-1022","type":"print"},{"value":"1573-7586","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015,4,4]]}}}