{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,8]],"date-time":"2026-02-08T02:03:31Z","timestamp":1770516211559,"version":"3.49.0"},"reference-count":47,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"1","license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"am","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/100000183","name":"U.S. Army Research Office","doi-asserted-by":"crossref","award":["W911NF-13-1-0421"],"award-info":[{"award-number":["W911NF-13-1-0421"]}],"id":[{"id":"10.13039\/100000183","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/100000183","name":"U.S. Army Research Office","doi-asserted-by":"crossref","award":["W911NF-17-1-0447"],"award-info":[{"award-number":["W911NF-17-1-0447"]}],"id":[{"id":"10.13039\/100000183","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/100000183","name":"U.S. Army Research Office","doi-asserted-by":"crossref","award":["W911NF-19-1-0049"],"award-info":[{"award-number":["W911NF-19-1-0049"]}],"id":[{"id":"10.13039\/100000183","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N00014-15-1-2007"],"award-info":[{"award-number":["N00014-15-1-2007"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N00014-16-1-3214"],"award-info":[{"award-number":["N00014-16-1-3214"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N00014-18-2893"],"award-info":[{"award-number":["N00014-18-2893"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1618117"],"award-info":[{"award-number":["CNS-1618117"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1822094"],"award-info":[{"award-number":["CNS-1822094"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Dependable and Secure Comput."],"published-print":{"date-parts":[[2022,1,1]]},"DOI":"10.1109\/tdsc.2020.2975789","type":"journal-article","created":{"date-parts":[[2020,3,2]],"date-time":"2020-03-02T20:52:48Z","timestamp":1583182368000},"page":"620-634","source":"Crossref","is-referenced-by-count":10,"title":["Understanding Account Recovery in the Wild and its Security Implications"],"prefix":"10.1109","volume":"19","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7682-811X","authenticated-orcid":false,"given":"Yue","family":"Li","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zeyu","family":"Chen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9665-7511","authenticated-orcid":false,"given":"Haining","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4152-2107","authenticated-orcid":false,"given":"Kun","family":"Sun","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3210-558X","authenticated-orcid":false,"given":"Sushil","family":"Jajodia","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1145\/359168.359172"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.44"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1145\/2699390"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102168"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.8"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866327"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.38"},{"key":"ref8","first-page":"1537","article-title":"Birthday, name and bifacial-security: Understanding passwords of chinese web users","volume-title":"Proc. 28th USENIX Secur. Symp.","author":"Wang"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3133973"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1145\/1595676.1595684"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/2891411"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23268"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1145\/2470654.2481329"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2016.60"},{"key":"ref15","first-page":"157","article-title":"zxcvbn: Low-budget password strength estimation","volume-title":"Proc. 25th USENIX Secur. Symp.","author":"Wheeler"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.21236\/ADA614474"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2018.8486017"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2012.162"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2003.1253564"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.11"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1145\/2736277.2741691"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1145\/2991079.2991091"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/2751323.2751327"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660273"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.17487\/rfc6376"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/2815675.2815695"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-32946-3_3"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23103"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2016.7524583"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2004.81"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1145\/1143120.1143129"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813622"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2016.90"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2004.80"},{"key":"ref43","article-title":"The password thicket: Technical and market failures in human authentication on the web","volume-title":"Proc. 9th Workshop Econ. Inf. Secur.","author":"Bonneau"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813692"},{"key":"ref45","article-title":"The design and analysis of graphical passwords","volume-title":"Proc. 8th Conf. USENIX Secur. Symp.","author":"Jermyn"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2003.1193209"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2004.827372"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046725"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586133"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180427"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1016\/j.patcog.2004.04.011"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1109\/AICCSA.2009.5069395"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382240"},{"key":"ref55","first-page":"483","article-title":"Sound-proof: Usable two-factor authentication based on ambient sound","volume-title":"Proc. 24th USENIX Conf. Secur. Symp.","author":"Karapanos"},{"key":"ref56","first-page":"301","article-title":"Progressive authentication: Deciding when to authenticate on mobile phones","volume-title":"Proc. 21st USENIX Secur. Symp.","author":"Riva"}],"container-title":["IEEE Transactions on Dependable and Secure Computing"],"original-title":[],"link":[{"URL":"https:\/\/ieeexplore.ieee.org\/ielam\/8858\/9625881\/9020194-aam.pdf","content-type":"application\/pdf","content-version":"am","intended-application":"syndication"},{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8858\/9625881\/09020194.pdf?arnumber=9020194","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,9]],"date-time":"2024-01-09T22:19:06Z","timestamp":1704838746000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9020194\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,1,1]]},"references-count":47,"journal-issue":{"issue":"1"},"URL":"https:\/\/doi.org\/10.1109\/tdsc.2020.2975789","relation":{},"ISSN":["1545-5971","1941-0018","2160-9209"],"issn-type":[{"value":"1545-5971","type":"print"},{"value":"1941-0018","type":"electronic"},{"value":"2160-9209","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,1,1]]}}}