{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,5]],"date-time":"2025-11-05T06:27:58Z","timestamp":1762324078359,"version":"build-2065373602"},"reference-count":60,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"name":"BIGC Project","award":["Ea202515"],"award-info":[{"award-number":["Ea202515"]}]},{"name":"Beijing Science and Technology Plan","award":["Z241100007624008"],"award-info":[{"award-number":["Z241100007624008"]}]},{"name":"Publishing Think Tank Platform Development Project","award":["KYCPT202514"],"award-info":[{"award-number":["KYCPT202514"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62202012"],"award-info":[{"award-number":["62202012"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans.Inform.Forensic Secur."],"published-print":{"date-parts":[[2025]]},"DOI":"10.1109\/tifs.2025.3622084","type":"journal-article","created":{"date-parts":[[2025,10,15]],"date-time":"2025-10-15T17:36:08Z","timestamp":1760549768000},"page":"11544-11559","source":"Crossref","is-referenced-by-count":0,"title":["User-Autonomous Multi-Factor Authentication Supporting Arbitrary Factor Configurations"],"prefix":"10.1109","volume":"20","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2613-8257","authenticated-orcid":false,"given":"Wenting","family":"Li","sequence":"first","affiliation":[{"name":"School of Information Engineering, Beijing Institute of Graphic Communication, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Haibo","family":"Cheng","sequence":"additional","affiliation":[{"name":"National Engineering Research Center for Software Engineering and Key Laboratory of High Confidence Software Technologies (Peking University), Ministry of Education, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0262-7678","authenticated-orcid":false,"given":"Kaitai","family":"Liang","sequence":"additional","affiliation":[{"name":"Faculty of Technology, University of Turku, Turku, Finland"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2021.3081263"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00016"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1109\/SP54263.2024.00032"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/SP46215.2023.10179429"},{"key":"ref5","first-page":"2027","article-title":"InfinityGauntlet: Brute-force attack on smartphone fingerprint authentication","volume-title":"Proc. USENIX Secur.","author":"Chen"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1002\/ecjc.4430720906"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-17659-4_15"},{"volume-title":"Universal 2nd Factor (U2F) Overview","year":"2017","key":"ref8"},{"volume-title":"GitHub-Google\/Google-Authenticator: Open Source Version of Google Authenticator (Except the Android App)","year":"2020","key":"ref9"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23357"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00056"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-032-07894-0_12"},{"volume-title":"Incident Report: Employee and Customer Account Compromise","year":"2022","key":"ref13"},{"volume-title":"Twilio Incident: What Signal Users Need to Know","year":"2022","author":"Foundation","key":"ref14"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2024.3382359"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2024.3372812"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-76581-5_15"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2016.30"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-24676-3_31"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-020-09367-8"},{"volume-title":"Duo Security Two-Factor Authentication","year":"2021","key":"ref21"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23167"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2017.2764083"},{"volume-title":"Securing Your Account With Two-Factor Authentication (2FA)","year":"2025","key":"ref24"},{"volume-title":"How to Use Two-Factor Authentication","year":"2025","author":"University","key":"ref25"},{"volume-title":"Take Your Security to the Next Level","year":"2025","key":"ref26"},{"volume-title":"Github Says Bug Exposed Some Plaintext Passwords","year":"2018","author":"Whittaker","key":"ref27"},{"volume-title":"Google Has Stored Some Passwords in Plaintext Since 2005","year":"2019","author":"Newman","key":"ref28"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.8"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.50"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/ICASSP49660.2025.10888919"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/ICASSP49660.2025.10887803"},{"volume-title":"TOTP: Time-Based One-Time Password Algorithm","year":"2011","author":"M\u2019Raihi","key":"ref33"},{"key":"ref34","first-page":"253","article-title":"SmartVerif: Push the limit of automation capability of verifying security protocols by dynamic strategies","volume-title":"Proc. USENIX","author":"Xiong"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00008"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/mwc.001.2000329"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-45539-6_11"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1049\/ip-ifs:20055073"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2024.3382934"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2022.3214729"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-48329-2_21"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-77870-5_5"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-38554-4_20"},{"key":"ref44","first-page":"546","article-title":"HMQV: A high-performance secure Diffie\u2013Hellman protocol","volume-title":"Proc. CRYPTO","author":"Krawczyk"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1145\/359168.359176"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1109\/MARK.1979.8817296"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1109\/SCT.1993.336536"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1007\/0-387-34799-2_3"},{"key":"ref49","first-page":"997","article-title":"Breaking the o(2n) barrier: Faster secret sharing for general access structures","volume-title":"Proc. STOC","author":"Liu"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030096"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-53887-6_10"},{"key":"ref52","first-page":"432","article-title":"Robust and reusable fuzzy extractors from lattices","volume-title":"Proc. CRYPTO","author":"Barthe"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-46035-7_22"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2018.2857811"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1109\/CSFW.1997.596782"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1145\/359657.359659"},{"key":"ref57","first-page":"7781","article-title":"Practically secure honey password vaults: New design and new evaluation against online guessing","volume-title":"Proc. USENIX Secur.","author":"Cheng"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.49"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-55220-5_17"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-78372-7_15"}],"container-title":["IEEE Transactions on Information Forensics and Security"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/10206\/10810755\/11204684.pdf?arnumber=11204684","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,5]],"date-time":"2025-11-05T05:55:33Z","timestamp":1762322133000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11204684\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"references-count":60,"URL":"https:\/\/doi.org\/10.1109\/tifs.2025.3622084","relation":{},"ISSN":["1556-6013","1556-6021"],"issn-type":[{"type":"print","value":"1556-6013"},{"type":"electronic","value":"1556-6021"}],"subject":[],"published":{"date-parts":[[2025]]}}}