{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,24]],"date-time":"2026-03-24T01:17:15Z","timestamp":1774315035756,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":44,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,4,21]],"date-time":"2020-04-21T00:00:00Z","timestamp":1587427200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,4,21]]},"DOI":"10.1145\/3313831.3376457","type":"proceedings-article","created":{"date-parts":[[2020,5,27]],"date-time":"2020-05-27T16:16:47Z","timestamp":1590596207000},"page":"1-13","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":21,"title":["How Mandatory Second Factor Affects the Authentication User Experience"],"prefix":"10.1145","author":[{"given":"Jacob","family":"Abbott","sequence":"first","affiliation":[{"name":"Indiana University Bloomington, Bloomington, IN, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sameer","family":"Patil","sequence":"additional","affiliation":[{"name":"Indiana University Bloomington, Bloomington, IN, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2020,4,23]]},"reference":[{"key":"e_1_3_2_2_1_1","doi-asserted-by":"publisher","DOI":"10.2139\/ssrn.3142270"},{"key":"e_1_3_2_2_2_1","volume-title":"Thirty Fifth International Conference on Information Systems (ICIS ?14)","author":"Anderson Bonnie","year":"2014","unstructured":"Bonnie Anderson, Tony Vance, Brock Kirwan, David Eargle, and Seth Howard. 2014. Users aren't (necessarily) lazy: Using NeuroIS to explain habituation to security warnings. https:\/\/aisel.aisnet.org\/icis2014\/ proceedings\/ISSecurity\/28\/. In Thirty Fifth International Conference on Information Systems (ICIS ?14)."},{"key":"e_1_3_2_2_3_1","doi-asserted-by":"publisher","DOI":"10.14722\/usec.2015.23003"},{"key":"e_1_3_2_2_4_1","volume-title":"The Ninth Workshop on the Economics of Information Security (WEIS","author":"Bonneau Joseph","year":"2010","unstructured":"Joseph Bonneau and S\u00f6ren Preibusch. 2010. The Password Thicket: Technical and Market Failures in Human Authentication on the Web.. https:\/\/www.econinfosec.org\/archive\/weis2010\/papers\/ session3\/weis2010_bonneau.pdf. In The Ninth Workshop on the Economics of Information Security (WEIS 2010)."},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180427"},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1132736.1132768"},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2016.457"},{"key":"e_1_3_2_2_8_1","volume-title":"15th USENIX Security Symposium (USENIX Security '06)","author":"Chiasson Sonia","year":"2006","unstructured":"Sonia Chiasson, Paul C. van Oorschot, and Robert Biddle. 2006. A Usability Study and Critique of Two Password Managers.. https:\/\/www.usenix.org\/legacy\/ events\/sec06\/tech\/full_papers\/chiasson\/chiasson.pdf. In 15th USENIX Security Symposium (USENIX Security '06). USENIX Association, 1--16."},{"key":"e_1_3_2_2_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/3173574.3174030"},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2004.69"},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"crossref","unstructured":"Emiliano De Cristofaro Honglu Du Julien Freudiger and Greg Norcie. 2013. A Comparative Usability Study of Two-Factor Authentication. https:\/\/arxiv.org\/abs\/1309.5344. (2013).","DOI":"10.14722\/usec.2014.23025"},{"key":"e_1_3_2_2_12_1","volume-title":"Networked and Distributed System Security Symposium (NDSS","author":"Das Anupam","year":"2014","unstructured":"Anupam Das, Joseph Bonneau, Matthew Caesar, Nikita Borisov, and XiaoFeng Wang. 2014. The Tangled Web of Password Reuse.. https:\/\/www.ndss-symposium.org\/wpcontent\/uploads\/2017\/09\/06_1_1.pdf. In Networked and Distributed System Security Symposium (NDSS 2014)."},{"key":"e_1_3_2_2_13_1","volume-title":"Proceedings of the International Conference on Financial Cryptography and Data Security (FC '18)","author":"Das Sanchari","unstructured":"Sanchari Das, Andrew Dingman, and L. Jean Camp. 2018. Why Johnny doesn't use two factor: A two-phase usability study of the FIDO U2F security key. https:\/\/fc18.ifca.ai\/preproceedings\/111.pdf. In Proceedings of the International Conference on Financial Cryptography and Data Security (FC '18)."},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00779-004-0308--5"},{"key":"e_1_3_2_2_15_1","volume-title":"Conceptual Modeling - ER 2007 (Lecture Notes in Computer Science), Christine Parent, Klaus-Dieter Schewe, Veda C","author":"Elahi Golnaz","unstructured":"Golnaz Elahi and Eric Yu. 2007. A Goal Oriented Approach for Modeling and Analyzing Security Trade-Offs. In Conceptual Modeling - ER 2007 (Lecture Notes in Computer Science), Christine Parent, Klaus-Dieter Schewe, Veda C. Storey, and Bernhard Thalheim (Eds.), Vol. 4801. Springer Berlin Heidelberg, Berlin, Heidelberg, 375--390."},{"key":"e_1_3_2_2_16_1","volume-title":"6th International Conference on Networked Computing (INC","author":"Eljetlawi Ali Mohamed","year":"2010","unstructured":"Ali Mohamed Eljetlawi. 2010. Graphical password: Existing recognition base graphical password usability. In 6th International Conference on Networked Computing (INC 2010). 1--5."},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1242572.1242661"},{"key":"e_1_3_2_2_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1837110.1837124"},{"key":"e_1_3_2_2_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2012.2225048"},{"key":"e_1_3_2_2_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2012.162"},{"key":"e_1_3_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2010.12.001"},{"key":"e_1_3_2_2_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2858036.2858267"},{"key":"e_1_3_2_2_23_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0166--4115(08)62386--9"},{"key":"e_1_3_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/975817.975820"},{"key":"e_1_3_2_2_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2003.1193209"},{"key":"e_1_3_2_2_26_1","volume-title":"24th USENIX Security Symposium (USENIX Security 15)","author":"Karapanos Nikolaos","year":"2015","unstructured":"Nikolaos Karapanos, Claudio Marforio, Claudio Soriente, and Srdjan Capkun. 2015. Sound-Proof: Usable Two-Factor Authentication Based on Ambient Sound. https:\/\/www.usenix.org\/conference\/usenixsecurity15\/ technical-sessions\/presentation\/karapanos. In 24th USENIX Security Symposium (USENIX Security 15). USENIX Association, Washington, D.C., 483--498."},{"key":"e_1_3_2_2_27_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3--642--24209-0_16"},{"key":"e_1_3_2_2_28_1","volume-title":"Proceedings of the Workshop on Usable Security (February","author":"Krol Kat","year":"2015","unstructured":"Kat Krol, Eleni Philippou, Emiliano De Cristofaro, and M. Angela Sasse. 2015. 'They brought in the horrible key ring thing!\" Analysing the Usability of Two-Factor Authentication in UK Online Banking. https:\/\/www.ndsssymposium.org\/wp-content\/uploads\/2017\/09\/01_1_4.pdf, Proceedings of the Workshop on Usable Security (February 2015)."},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2003.819611"},{"key":"e_1_3_2_2_30_1","volume-title":"University of Virginia data breach exposed financial data. https:\/\/www.zdnet.com\/article\/university-of-virginiadata-breach-exposed-financial-data\/. (January","author":"Osborne Charlie","year":"2016","unstructured":"Charlie Osborne. 2016. University of Virginia data breach exposed financial data. https:\/\/www.zdnet.com\/article\/university-of-virginiadata-breach-exposed-financial-data\/. (January 2016). (Retrieved January 7, 2020)."},{"key":"e_1_3_2_2_31_1","volume-title":"Tenth International Symposium on Human Aspects of Information Security & Assurance (HAISA","author":"Rajivan Prashanth","year":"2016","unstructured":"Prashanth Rajivan, Pablo Moriano, Timothy Kelley, and Jean Camp. 2016. What Can Johnny Do? -- Factors in an End-User Expertise Instrument. In Tenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016). 199--208."},{"key":"e_1_3_2_2_32_1","volume-title":"Fifteenth Symposium on Usable Privacy and Security (SOUPS","author":"Reese Ken","year":"2019","unstructured":"Ken Reese, Trevor Smith, Jonathan Dutson, Jonathan Armknecht, Jacob Cameron, and Kent Seamons. 2019. A Usability Study of Five Two-Factor Authentication Methods. https:\/\/www.usenix.org\/conference\/soups2019\/ presentation\/reese. In Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019). USENIX Association, Santa Clara, CA."},{"key":"e_1_3_2_2_33_1","volume-title":"Thirteenth Symposium on Usable Privacy and Security (SOUPS","author":"Ruoti Scott","year":"2017","unstructured":"Scott Ruoti, Tyler Monson, Justin Wu, Daniel Zappala, and Kent Seamons. 2017. Weighing Context and Trade-offs: How Suburban Adults Selected Their Online Security Posture. https:\/\/www.usenix.org\/conference\/ soups2017\/technical-sessions\/presentation\/ruoti. In Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017). USENIX Association, Santa Clara, CA, 211--228."},{"key":"e_1_3_2_2_34_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3--319--29938--9_5"},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/MITP.2016.84"},{"key":"e_1_3_2_2_36_1","volume-title":"Proceedings of the Southern Association for Information Systems Conference (SAIS","author":"Strouble Dennis D","year":"2009","unstructured":"Dennis D Strouble, Gregory Schechtman, and Alan S Alsop. 2009. Productivity and usability effects of using a two-factor security system. http:\/\/aisel.aisnet.org\/sais2009\/37. In Proceedings of the Southern Association for Information Systems Conference (SAIS 2009). 196--201."},{"key":"e_1_3_2_2_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420976"},{"key":"e_1_3_2_2_38_1","volume-title":"Eleventh Symposium On Usable Privacy and Security (SOUPS","author":"Ur Blase","year":"2015","unstructured":"Blase Ur, Fumiko Noma, Jonathan Bees, Sean M. Segreti, Richard Shay, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor. 2015. 'I Added '!' at the End to Make It Secure\": Observing Password Creation in the Lab. https:\/\/www.usenix.org\/conference\/soups2015\/ proceedings\/presentation\/ur. In Eleventh Symposium On Usable Privacy and Security (SOUPS 2015). USENIX Association, Ottawa, 123--140."},{"key":"e_1_3_2_2_39_1","volume-title":"Thirteenth Symposium on Usable Privacy and Security (SOUPS","author":"Vaziripour Elham","year":"2017","unstructured":"Elham Vaziripour, Justin Wu, Mark O'Neill, Jordan Whitehead, Scott Heidbrink, Kent Seamons, and Daniel Zappala. 2017. Is that you, Alice? A Usability Study of the Authentication Ceremony of Secure Messaging Applications. https:\/\/www.usenix.org\/conference\/ soups2017\/technical-sessions\/presentation\/vaziripour. In Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017). USENIX Association, Santa Clara, CA, 29--47."},{"key":"e_1_3_2_2_40_1","volume-title":"2016 Data Breach Investigations Report. https:\/\/enterprise.verizon.com\/resources\/ reports\/2016\/DBIR_2016_Report.pdf. (2016). (Retrieved","author":"Verizon Inc. 2016.","year":"2020","unstructured":"Verizon Inc. 2016. 2016 Data Breach Investigations Report. https:\/\/enterprise.verizon.com\/resources\/ reports\/2016\/DBIR_2016_Report.pdf. (2016). (Retrieved January 7, 2020)."},{"key":"e_1_3_2_2_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134629"},{"key":"e_1_3_2_2_42_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.intcom.2009.10.001"},{"key":"e_1_3_2_2_43_1","volume-title":"Proceedings of the 8th Conference on USENIX Security Symposium (SSYM ?99)","volume":"8","author":"Whitten Alma","unstructured":"Alma Whitten and J. D. Tygar. 1999. Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0. https:\/\/static.usenix.org\/events\/sec99\/full_papers\/ whitten\/whitten.pdf. In Proceedings of the 8th Conference on USENIX Security Symposium (SSYM ?99), Vol. 8. USENIX Association, 14."},{"key":"e_1_3_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2004.64"}],"event":{"name":"CHI '20: CHI Conference on Human Factors in Computing Systems","location":"Honolulu HI USA","acronym":"CHI '20","sponsor":["SIGCHI ACM Special Interest Group on Computer-Human Interaction"]},"container-title":["Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3313831.3376457","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3313831.3376457","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:38:34Z","timestamp":1750199914000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3313831.3376457"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,4,21]]},"references-count":44,"alternative-id":["10.1145\/3313831.3376457","10.1145\/3313831"],"URL":"https:\/\/doi.org\/10.1145\/3313831.3376457","relation":{},"subject":[],"published":{"date-parts":[[2020,4,21]]},"assertion":[{"value":"2020-04-23","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}