{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,20]],"date-time":"2026-03-20T01:23:46Z","timestamp":1773969826410,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":34,"publisher":"ACM","license":[{"start":{"date-parts":[[2014,4,26]],"date-time":"2014-04-26T00:00:00Z","timestamp":1398470400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2014,4,26]]},"DOI":"10.1145\/2556288.2557377","type":"proceedings-article","created":{"date-parts":[[2014,4,28]],"date-time":"2014-04-28T14:18:30Z","timestamp":1398694710000},"page":"2927-2936","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":82,"title":["Can long passwords be secure and usable?"],"prefix":"10.1145","author":[{"given":"Richard","family":"Shay","sequence":"first","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Saranga","family":"Komanduri","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Adam L.","family":"Durity","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Phillip (Seyoung)","family":"Huh","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michelle L.","family":"Mazurek","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sean M.","family":"Segreti","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Blase","family":"Ur","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lujo","family":"Bauer","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nicolas","family":"Christin","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lorrie Faith","family":"Cranor","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2014,4,26]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.5555\/646684.702633"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/2333112.2333114"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1016\/0167-4048(95)00003-Q"},{"key":"e_1_3_2_1_4_1","volume-title":"The Gawker hack: how a million passwords were lost","author":"Bonneau J.","year":"2010","unstructured":"Bonneau , J. The Gawker hack: how a million passwords were lost , 2010 . http:\/\/www.lightbluetouchpaper.org\/2010\/12\/15\/ the-gawker-hack-how-a-million-passwordswere-lost\/. Bonneau, J. The Gawker hack: how a million passwords were lost, 2010. http:\/\/www.lightbluetouchpaper.org\/2010\/12\/15\/ the-gawker-hack-how-a-million-passwordswere-lost\/."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.49"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.44"},{"key":"e_1_3_2_1_8_1","volume-title":"Ars Technica","author":"Bright P.","year":"2011","unstructured":"Bright , P. Anonymous speaks : The inside story of the HBGary hack . Ars Technica , February 2011 . Bright, P. Anonymous speaks: The inside story of the HBGary hack. Ars Technica, February 2011."},{"key":"e_1_3_2_1_9_1","volume-title":"NIST","author":"Burr W. E.","year":"2011","unstructured":"Burr , W. E. , Dodson , D. F. , Newton , E. M. , Perlner , R. A. , Polk , W. T. , Gupta , S. , and Nabbus , E. A . Electronic authentication guideline. Tech. rep ., NIST , 2011 . Burr, W. E., Dodson, D. F., Newton, E. M., Perlner, R. A., Polk, W. T., Gupta, S., and Nabbus, E. A. Electronic authentication guideline. Tech. rep., NIST, 2011."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-63v1.0.2"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1080\/0144929X.2010.492876"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653722"},{"key":"e_1_3_2_1_13_1","unstructured":"Constantin L. Sony stresses that PSN passwords were hashed. http:\/\/news.softpedia.com\/news\/ Sony-Stresses-PSN-Passwords-Were-Hashed-198218. shtml 2011.  Constantin L. Sony stresses that PSN passwords were hashed. http:\/\/news.softpedia.com\/news\/ Sony-Stresses-PSN-Passwords-Were-Hashed-198218. shtml 2011."},{"key":"e_1_3_2_1_14_1","volume-title":"Proc. INFOCOM","author":"Dell'Amico M.","year":"2010","unstructured":"Dell'Amico , M. , Michiardi , P. , and Roudier , Y . Password strength: An empirical analysis . In Proc. INFOCOM ( 2010 ). Dell'Amico, M., Michiardi, P., and Roudier, Y. Password strength: An empirical analysis. In Proc. INFOCOM (2010)."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/2501604.2501617"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1143120.1143127"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.5555\/2360743.2360824"},{"key":"e_1_3_2_1_18_1","volume-title":"Identity assurance profiles bronze and silver v1.1","author":"InCommon Federation","year":"2011","unstructured":"InCommon Federation . Identity assurance profiles bronze and silver v1.1 , 2011 . InCommon Federation. Identity assurance profiles bronze and silver v1.1, 2011."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1753326.1753384"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.17705\/1jais.00184"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.38"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1978942.1979321"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516726"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102168"},{"key":"e_1_3_2_1_25_1","volume-title":"Instruments, & Computers 34, 2","author":"Proctor R. W.","year":"2002","unstructured":"Proctor , R. W. , Lien , M.-C. , Vu , K.-P. L. , Schultz , E. E. , and Salvendy , G . Improving computer security for authentication of users: influence of proactive password restrictions. Behavior Res. Methods , Instruments, & Computers 34, 2 ( 2002 ), 163--169. Proctor, R. W., Lien, M.-C., Vu, K.-P. L., Schultz, E. E., and Salvendy, G. Improving computer security for authentication of users: influence of proactive password restrictions. Behavior Res. Methods, Instruments, & Computers 34, 2 (2002), 163--169."},{"key":"e_1_3_2_1_26_1","volume-title":"Proc. HotSec","author":"Schechter S.","year":"2010","unstructured":"Schechter , S. , Herley , C. , and Mitzenmacher , M . Popularity is everything: A new approach to protecting passwords from statistical-guessing attacks . In Proc. HotSec ( 2010 ). Schechter, S., Herley, C., and Mitzenmacher, M. Popularity is everything: A new approach to protecting passwords from statistical-guessing attacks. In Proc. HotSec (2010)."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2335356.2335366"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1837110.1837113"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1016\/0167-4048(92)90207-8"},{"key":"e_1_3_2_1_30_1","volume-title":"Proc. USENIX Security","author":"Ur B.","year":"2012","unstructured":"Ur , B. , Kelley , P. G. , Komanduri , S. , Lee , J. , Maass , M. , Mazurek , M. , Passaro , T. , Shay , R. , Vidas , T. , Bauer , L. , Christin , N. , and Cranor , L. F . How does your password measure up? The effect of strength meters on password creation . In Proc. USENIX Security ( 2012 ). Ur, B., Kelley, P. G., Komanduri, S., Lee, J., Maass, M., Mazurek, M., Passaro, T., Shay, R., Vidas, T., Bauer, L., Christin, N., and Cranor, L. F. How does your password measure up? The effect of strength meters on password creation. In Proc. USENIX Security (2012)."},{"key":"e_1_3_2_1_31_1","unstructured":"Vance A. If your password is 123456 just make it HackMe. The New York Times http:\/\/www.nytimes. com\/2010\/01\/21\/technology\/21password.html January 2010.  Vance A. If your password is 123456 just make it HackMe. The New York Times http:\/\/www.nytimes. com\/2010\/01\/21\/technology\/21password.html January 2010."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijhcs.2007.03.007"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866327"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.8"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1080\/07421222.1999.11518226"}],"event":{"name":"CHI '14: CHI Conference on Human Factors in Computing Systems","location":"Toronto Ontario Canada","acronym":"CHI '14","sponsor":["SIGCHI ACM Special Interest Group on Computer-Human Interaction"]},"container-title":["Proceedings of the SIGCHI Conference on Human Factors in Computing Systems"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2556288.2557377","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2556288.2557377","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T06:55:50Z","timestamp":1750229750000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2556288.2557377"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,4,26]]},"references-count":34,"alternative-id":["10.1145\/2556288.2557377","10.1145\/2556288"],"URL":"https:\/\/doi.org\/10.1145\/2556288.2557377","relation":{},"subject":[],"published":{"date-parts":[[2014,4,26]]},"assertion":[{"value":"2014-04-26","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}