{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,3]],"date-time":"2025-09-03T09:56:37Z","timestamp":1756893397047,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":51,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,4,3]],"date-time":"2017-04-03T00:00:00Z","timestamp":1491177600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"European Community"},{"name":"Facebook's Research and Academic Relations Program Gift"},{"name":"Google Faculty Research Award"},{"name":"Swedish research agency VR"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,4,3]]},"DOI":"10.1145\/3019612.3019798","type":"proceedings-article","created":{"date-parts":[[2017,5,25]],"date-time":"2017-05-25T16:27:32Z","timestamp":1495729652000},"page":"1753-1760","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":17,"title":["Measuring login webpage security"],"prefix":"10.1145","author":[{"given":"Steven","family":"Van Acker","sequence":"first","affiliation":[{"name":"Chalmers University of Technology"}]},{"given":"Daniel","family":"Hausknecht","sequence":"additional","affiliation":[{"name":"Chalmers University of Technology"}]},{"given":"Andrei","family":"Sabelfeld","sequence":"additional","affiliation":[{"name":"Chalmers University of Technology"}]}],"member":"320","published-online":{"date-parts":[[2017,4,3]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"RFC 6797: HTTP Strict Transport Security (HSTS).  RFC 6797: HTTP Strict Transport Security (HSTS)."},{"key":"e_1_3_2_1_2_1","unstructured":"RFC 7469: Public Key Pinning Extension for HTTP.  RFC 7469: Public Key Pinning Extension for HTTP."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2010.27"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-24177-7_22"},{"key":"e_1_3_2_1_5_1","unstructured":"Blocki J. Datta A. and Bonneau J. Differentially Private Password Frequency Lists.  Blocki J. Datta A. and Bonneau J. Differentially Private Password Frequency Lists."},{"key":"e_1_3_2_1_6_1","unstructured":"BuiltWith. Framework usage statistics. http:\/\/trends.builtwith.com\/framework.  BuiltWith. Framework usage statistics. http:\/\/trends.builtwith.com\/framework."},{"key":"e_1_3_2_1_7_1","unstructured":"BuiltWith. Programming language usage. http:\/\/trends.builtwith.com\/framework\/programming-language.  BuiltWith. Programming language usage. http:\/\/trends.builtwith.com\/framework\/programming-language."},{"key":"e_1_3_2_1_8_1","unstructured":"BuiltWith. Statistics for websites using open source technologies. http:\/\/trends.builtwith.com\/cms\/open-source.  BuiltWith. Statistics for websites using open source technologies. http:\/\/trends.builtwith.com\/cms\/open-source."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1963405.1963436"},{"key":"e_1_3_2_1_10_1","unstructured":"caniuse.com. Subresource Integrity. http:\/\/caniuse.com\/#feat=subresource-integrity.  caniuse.com. Subresource Integrity. http:\/\/caniuse.com\/#feat=subresource-integrity."},{"key":"e_1_3_2_1_11_1","unstructured":"Chalmers CSE. Related materials. http:\/\/www.cse.chalmers.se\/research\/group\/security\/measuring-login-page-security.  Chalmers CSE. Related materials. http:\/\/www.cse.chalmers.se\/research\/group\/security\/measuring-login-page-security."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2665936.2665938"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-27659-5_25"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813631"},{"key":"e_1_3_2_1_15_1","unstructured":"DROWN. CVE-2016-0800.  DROWN. CVE-2016-0800."},{"key":"e_1_3_2_1_16_1","unstructured":"Fisher D. Final Report on DigiNotar Hack Shows Total Compromise of CA Servers. https:\/\/threatpost.com\/final-report-diginotar-hack-\\shows-total-compromise-ca-servers-103112\/77170\/.  Fisher D. Final Report on DigiNotar Hack Shows Total Compromise of CA Servers. https:\/\/threatpost.com\/final-report-diginotar-hack-\\shows-total-compromise-ca-servers-103112\/77170\/."},{"key":"e_1_3_2_1_17_1","unstructured":"Google Chrome. HSTS Preload Submission. https:\/\/hstspreload.appspot.com\/.  Google Chrome. HSTS Preload Submission. https:\/\/hstspreload.appspot.com\/."},{"key":"e_1_3_2_1_18_1","unstructured":"Group C. Comodo SSL Affiliate The Recent RA Compromise https:\/\/blog.comodo.com\/other\/the-recent-ra-compromise\/.  Group C. Comodo SSL Affiliate The Recent RA Compromise https:\/\/blog.comodo.com\/other\/the-recent-ra-compromise\/."},{"key":"e_1_3_2_1_19_1","unstructured":"Heartbleed. CVE-2014-0160.  Heartbleed. CVE-2014-0160."},{"key":"e_1_3_2_1_20_1","unstructured":"Heiderich M. Mustache security https:\/\/code.google.com\/archive\/p\/mustache-security\/.  Heiderich M. Mustache security https:\/\/code.google.com\/archive\/p\/mustache-security\/."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382276"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1972551.1972558"},{"key":"e_1_3_2_1_23_1","volume-title":"NDSS","author":"Kranch M., AND","year":"2015","unstructured":"Kranch , M., AND Bonneau , J. Upgrading HTTPS in mid-air: An empirical study of strict transport security and key pinning . In NDSS ( 2015 ). Kranch, M., AND Bonneau, J. Upgrading HTTPS in mid-air: An empirical study of strict transport security and key pinning. In NDSS (2015)."},{"key":"e_1_3_2_1_24_1","volume-title":"W2SP","author":"Lekies S.","year":"2012","unstructured":"Lekies , S. , And Johns , M. Lightweight Integrity Protection for Web Storage-driven Content Caching . In W2SP ( 2012 ). Lekies, S., And Johns, M. Lightweight Integrity Protection for Web Storage-driven Content Caching. In W2SP (2012)."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382267"},{"key":"e_1_3_2_1_26_1","unstructured":"Marlinspike M. sslstrip. http:\/\/www.thoughtcrime.org\/software\/sslstrip\/.  Marlinspike M. sslstrip. http:\/\/www.thoughtcrime.org\/software\/sslstrip\/."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2009.104"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-05149-9_12"},{"key":"e_1_3_2_1_29_1","unstructured":"Mozilla. Public Key Pinning. https:\/\/wiki.mozilla.org\/SecurityEngineering\/Public_Key_Pinning.  Mozilla. Public Key Pinning. https:\/\/wiki.mozilla.org\/SecurityEngineering\/Public_Key_Pinning."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382274"},{"key":"e_1_3_2_1_31_1","unstructured":"OAuth. OAuth. http:\/\/oauth.net\/.  OAuth. OAuth. http:\/\/oauth.net\/."},{"key":"e_1_3_2_1_32_1","unstructured":"OWASP. Cheat sheet series https:\/\/www.owasp.org\/index.php\/OWASP_Cheat_Sheet_Series.  OWASP. Cheat sheet series https:\/\/www.owasp.org\/index.php\/OWASP_Cheat_Sheet_Series."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-26362-5_14"},{"key":"e_1_3_2_1_34_1","unstructured":"POODLE. CVE-2014-3566.  POODLE. CVE-2014-3566."},{"key":"e_1_3_2_1_35_1","unstructured":"Project M. mitmproxy. https:\/\/mitmproxy.org\/.  Project M. mitmproxy. https:\/\/mitmproxy.org\/."},{"key":"e_1_3_2_1_36_1","volume-title":"W2SP","author":"Rydstedt G.","year":"2010","unstructured":"Rydstedt , G. , Bursztein , E. , Boneh , D. , and Jackson , C . Busting frame busting: a study of clickjacking vulnerabilities at popular sites . In W2SP ( 2010 ). Rydstedt, G., Bursztein, E., Boneh, D., and Jackson, C. Busting frame busting: a study of clickjacking vulnerabilities at popular sites. In W2SP (2010)."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/2590296.2590336"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/2699026.2699118"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897845.2897899"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-08593-7_8"},{"key":"e_1_3_2_1_41_1","unstructured":"VirusTotal. js.moatads.com domain information. https:\/\/www.virustotal.com\/en\/domain\/js.moatads.com\/information\/.  VirusTotal. js.moatads.com domain information. https:\/\/www.virustotal.com\/en\/domain\/js.moatads.com\/information\/."},{"key":"e_1_3_2_1_42_1","unstructured":"W3C. Mixed Content. https:\/\/www.w3.org\/TR\/mixed-content\/.  W3C. Mixed Content. https:\/\/www.w3.org\/TR\/mixed-content\/."},{"key":"e_1_3_2_1_43_1","unstructured":"W3C. Subresource Integrity. https:\/\/www.w3.org\/TR\/SRI\/.  W3C. Subresource Integrity. https:\/\/www.w3.org\/TR\/SRI\/."},{"key":"e_1_3_2_1_44_1","unstructured":"W3C. Upgrade Insecure Requests. https:\/\/www.w3.org\/TR\/upgrade-insecure-requests\/.  W3C. Upgrade Insecure Requests. https:\/\/www.w3.org\/TR\/upgrade-insecure-requests\/."},{"key":"e_1_3_2_1_45_1","unstructured":"W3techs. Usage of content languages for websites http:\/\/w3techs.com\/technologies\/overview\/content_language\/all.  W3techs. Usage of content languages for websites http:\/\/w3techs.com\/technologies\/overview\/content_language\/all."},{"key":"e_1_3_2_1_46_1","unstructured":"W3techs. Usage of content management systems for websites http:\/\/w3techs.com\/technologies\/overview\/content_management\/all.  W3techs. Usage of content management systems for websites http:\/\/w3techs.com\/technologies\/overview\/content_management\/all."},{"key":"e_1_3_2_1_47_1","unstructured":"W3techs. Usage of server-side programming languages for websites http:\/\/w3techs.com\/technologies\/overview\/programming_language\/all.  W3techs. Usage of server-side programming languages for websites http:\/\/w3techs.com\/technologies\/overview\/programming_language\/all."},{"key":"e_1_3_2_1_48_1","volume-title":"The Emperor's New Password Creation Policies","author":"Wang D.","year":"2015","unstructured":"Wang , D. , and Wang , P . The Emperor's New Password Creation Policies . 2015 . Wang, D., and Wang, P. The Emperor's New Password Creation Policies. 2015."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/2018602.2018616"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11379-1_11"},{"key":"e_1_3_2_1_51_1","volume-title":"W2SP","author":"Zhou Y.","year":"2010","unstructured":"Zhou , Y. , and Evans , D . Why aren't HTTP-only cookies more widely deployed . In W2SP ( 2010 ). Zhou, Y., and Evans, D. Why aren't HTTP-only cookies more widely deployed. In W2SP (2010)."}],"event":{"name":"SAC 2017: Symposium on Applied Computing","sponsor":["SIGAPP ACM Special Interest Group on Applied Computing"],"location":"Marrakech Morocco","acronym":"SAC 2017"},"container-title":["Proceedings of the Symposium on Applied Computing"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3019612.3019798","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3019612.3019798","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T03:03:41Z","timestamp":1750215821000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3019612.3019798"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,4,3]]},"references-count":51,"alternative-id":["10.1145\/3019612.3019798","10.1145\/3019612"],"URL":"https:\/\/doi.org\/10.1145\/3019612.3019798","relation":{},"subject":[],"published":{"date-parts":[[2017,4,3]]},"assertion":[{"value":"2017-04-03","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}