{"id":"https://openalex.org/W3003847829","doi":"https://doi.org/10.1109/access.2020.2981207","title":"A Longitudinal Study on Web-Sites Password Management (in)Security: Evidence and Remedies","display_name":"A Longitudinal Study on Web-Sites Password Management (in)Security: Evidence and Remedies","publication_year":2020,"publication_date":"2020-01-01","ids":{"openalex":"https://openalex.org/W3003847829","doi":"https://doi.org/10.1109/access.2020.2981207","mag":"3003847829"},"language":"en","primary_location":{"id":"doi:10.1109/access.2020.2981207","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2020.2981207","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/8948470/09037276.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"preprint","indexed_in":["arxiv","crossref","datacite","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/8948470/09037276.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5090825552","display_name":"Simone Raponi","orcid":"https://orcid.org/0000-0002-1813-546X"},"institutions":[{"id":"https://openalex.org/I4210144839","display_name":"Hamad bin Khalifa University","ror":"https://ror.org/03eyq4y97","country_code":"QA","type":"education","lineage":["https://openalex.org/I4210144839"]}],"countries":["QA"],"is_corresponding":true,"raw_author_name":"Simone Raponi","raw_affiliation_strings":["Information and Computing Technology Division, College of Science and Engineering, Hamad Bin Khalifa University, Doha, Qatar"],"affiliations":[{"raw_affiliation_string":"Information and Computing Technology Division, College of Science and Engineering, Hamad Bin Khalifa University, Doha, Qatar","institution_ids":["https://openalex.org/I4210144839"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5065932621","display_name":"Roberto Di Pietro","orcid":"https://orcid.org/0000-0003-1909-0336"},"institutions":[{"id":"https://openalex.org/I4210144839","display_name":"Hamad bin Khalifa University","ror":"https://ror.org/03eyq4y97","country_code":"QA","type":"education","lineage":["https://openalex.org/I4210144839"]}],"countries":["QA"],"is_corresponding":false,"raw_author_name":"Roberto Di Pietro","raw_affiliation_strings":["Information and Computing Technology Division, College of Science and Engineering, Hamad Bin Khalifa University, Doha, Qatar"],"affiliations":[{"raw_affiliation_string":"Information and Computing Technology Division, College of Science and Engineering, Hamad Bin Khalifa University, Doha, Qatar","institution_ids":["https://openalex.org/I4210144839"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5090825552"],"corresponding_institution_ids":["https://openalex.org/I4210144839"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.01325466,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"8","issue":null,"first_page":"52075","last_page":"52090"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11045","display_name":"Privacy, Security, and Data Protection","score":0.9945999979972839,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9876999855041504,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.8489463925361633},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7122995853424072},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7039216756820679},{"id":"https://openalex.org/keywords/password-policy","display_name":"Password policy","score":0.5163706541061401},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.46921172738075256},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.4399830400943756},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.4290482997894287},{"id":"https://openalex.org/keywords/cognitive-password","display_name":"Cognitive password","score":0.42207422852516174},{"id":"https://openalex.org/keywords/one-time-password","display_name":"One-time password","score":0.3396618366241455}],"concepts":[{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.8489463925361633},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7122995853424072},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7039216756820679},{"id":"https://openalex.org/C98705547","wikidata":"https://www.wikidata.org/wiki/Q3394687","display_name":"Password policy","level":4,"score":0.5163706541061401},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.46921172738075256},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.4399830400943756},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.4290482997894287},{"id":"https://openalex.org/C23875713","wikidata":"https://www.wikidata.org/wiki/Q5141232","display_name":"Cognitive password","level":5,"score":0.42207422852516174},{"id":"https://openalex.org/C89479133","wikidata":"https://www.wikidata.org/wiki/Q1137840","display_name":"One-time password","level":3,"score":0.3396618366241455}],"mesh":[],"locations_count":6,"locations":[{"id":"doi:10.1109/access.2020.2981207","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2020.2981207","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/8948470/09037276.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:arXiv.org:1911.08565","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1911.08565","pdf_url":"https://arxiv.org/pdf/1911.08565","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"mag:3003847829","is_oa":true,"landing_page_url":"https://arxiv.org/abs/1911.08565","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"arXiv (Cornell University)","raw_type":null},{"id":"pmh:oai:doaj.org/article:0ffb0d49bf804b659319418a7e58f13e","is_oa":true,"landing_page_url":"https://doaj.org/article/0ffb0d49bf804b659319418a7e58f13e","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 8, Pp 52075-52090 (2020)","raw_type":"article"},{"id":"pmh:oai:figshare.com:article/24025236","is_oa":true,"landing_page_url":"https://figshare.com/articles/journal_contribution/A_Longitudinal_Study_on_Web-Sites_Password_Management_in_Security_Evidence_and_Remedies/24025236","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},{"id":"doi:10.48550/arxiv.1911.08565","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.1911.08565","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2020.2981207","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2020.2981207","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/8948470/09037276.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G4332429152","display_name":null,"funder_award_id":"UREP 23-065-1-014","funder_id":"https://openalex.org/F4320332753","funder_display_name":"Qatar National Research Fund"},{"id":"https://openalex.org/G739498812","display_name":null,"funder_award_id":"NPRP X-063-1-014","funder_id":"https://openalex.org/F4320332753","funder_display_name":"Qatar National Research Fund"},{"id":"https://openalex.org/G8221332722","display_name":null,"funder_award_id":"X-063-1-014","funder_id":"https://openalex.org/F4320332753","funder_display_name":"Qatar National Research Fund"},{"id":"https://openalex.org/G8300622961","display_name":null,"funder_award_id":"NPRP 11S-0109-180242","funder_id":"https://openalex.org/F4320332753","funder_display_name":"Qatar National Research Fund"},{"id":"https://openalex.org/G8903927038","display_name":null,"funder_award_id":"NPRP X-063-1-014","funder_id":"https://openalex.org/F4320309815","funder_display_name":"Qatar Foundation"}],"funders":[{"id":"https://openalex.org/F4320309815","display_name":"Qatar Foundation","ror":"https://ror.org/01cawbq05"},{"id":"https://openalex.org/F4320321038","display_name":"Fonds National de la Recherche Luxembourg","ror":"https://ror.org/039z13y21"},{"id":"https://openalex.org/F4320332753","display_name":"Qatar National Research Fund","ror":"https://ror.org/01svaqq28"},{"id":"https://openalex.org/F4320334468","display_name":"Qatar National Library","ror":"https://ror.org/02jv93662"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3003847829.pdf","grobid_xml":"https://content.openalex.org/works/W3003847829.grobid-xml"},"referenced_works_count":23,"referenced_works":["https://openalex.org/W89732088","https://openalex.org/W1487941708","https://openalex.org/W1509135693","https://openalex.org/W2003159817","https://openalex.org/W2014580322","https://openalex.org/W2022945883","https://openalex.org/W2030515859","https://openalex.org/W2100783932","https://openalex.org/W2110695853","https://openalex.org/W2113936660","https://openalex.org/W2133824719","https://openalex.org/W2137215443","https://openalex.org/W2141420453","https://openalex.org/W2162176660","https://openalex.org/W2171920515","https://openalex.org/W2172042037","https://openalex.org/W2243132820","https://openalex.org/W2259603426","https://openalex.org/W2792577982","https://openalex.org/W2792590405","https://openalex.org/W2905913776","https://openalex.org/W2963108375","https://openalex.org/W6679652390"],"related_works":["https://openalex.org/W2796791247","https://openalex.org/W2396697587","https://openalex.org/W2963559715","https://openalex.org/W1481528755","https://openalex.org/W2614301580","https://openalex.org/W2322703919","https://openalex.org/W3021176754","https://openalex.org/W2832202335","https://openalex.org/W3107190684","https://openalex.org/W1416027901","https://openalex.org/W2772804089","https://openalex.org/W2188081857","https://openalex.org/W2184889543","https://openalex.org/W2025744023","https://openalex.org/W2006809639","https://openalex.org/W2185938177","https://openalex.org/W2268681468","https://openalex.org/W3119663584","https://openalex.org/W2343700560","https://openalex.org/W2751119110"],"abstract_inverted_index":{"Single-factor":[0],"password-based":[1],"authentication":[2,13],"is":[3,14,189,239],"generally":[4],"the":[5,30,37,42,45,50,64,70,78,86,95,101,116,145,194,207,212,222,226,253],"norm":[6],"to":[7,17,35,89,127,172,181,191,203,214],"access":[8],"on-line":[9,90],"Web-sites.":[10,104],"While":[11],"single-factor":[12],"well":[15],"known":[16],"be":[18,167],"a":[19,24,53,56,128,140,161,177],"weak":[20],"form":[21],"of":[22,55,80,100,144,151,232],"authentication,":[23],"further":[25],"concern":[26],"arises":[27],"when":[28],"considering":[29],"possibility":[31],"for":[32],"an":[33,122],"attacker":[34,117],"recover":[36],"user":[38,217],"passwords":[39],"by":[40,52,69,98,169,225],"leveraging":[41],"loopholes":[43],"in":[44,134,220],"password":[46,58,67,91,178],"recovery":[47,92,179],"mechanisms.":[48],"Indeed,":[49],"adoption":[51],"Web-site":[54,171],"poor":[57],"management":[59,235],"system":[60],"makes":[61],"useless":[62],"even":[63],"most":[65,102],"robust":[66],"chosen":[68],"registered":[71,174,251],"users.":[72],"In":[73,105],"this":[74,244],"paper,":[75],"building":[76],"on":[77,249],"results":[79],"our":[81],"previous":[82],"work,":[83],"we":[84,107,112,120,131,138,158],"study":[85,130,245],"possible":[87],"attacks":[88],"systems":[93],"analyzing":[94],"mechanisms":[96,219],"implemented":[97],"some":[99],"popular":[103],"detail,":[106],"provide":[108,121,173],"several":[109],"contributions:":[110],"(i)":[111],"revise":[113],"and":[114],"detail":[115],"model;":[118],"(ii)":[119],"updated":[123],"analysis":[124,143],"with":[125,176,206],"respect":[126],"preliminary":[129],"carried":[132],"out":[133],"December":[135],"2017;":[136],"(iii)":[137],"perform":[139],"brand":[141],"new":[142],"current":[146],"top":[147],"200":[148],"Alexa's":[149],"Web-sites":[150,196],"five":[152],"major":[153],"EU":[154,250],"countries;":[155],"and,":[156],"(iv)":[157],"propose":[159],"Maildust,":[160],"working":[162],"open-source":[163],"module":[164],"that":[165,211,242],"could":[166],"adopted":[168],"any":[170],"users":[175],"mechanism":[180],"prevent":[182],"mail":[183],"service":[184],"provider-level":[185],"attacks.":[186],"Overall,":[187],"it":[188,238],"striking":[190],"notice":[192],"how":[193],"analyzed":[195],"have":[197,215],"made":[198],"little":[199],"(if":[200],"any)":[201],"effort":[202],"become":[204],"compliant":[205],"GDPR":[208],"regulation,":[209],"showing":[210],"objective":[213],"basic":[216],"protection":[218],"place-despite":[221],"fines":[223],"threatened":[224],"GDPR-is":[227],"still":[228],"far,":[229],"mainly":[230],"because":[231],"sub-standard":[233],"security":[234],"practices.":[236],"Finally,":[237],"worth":[240],"noting":[241],"while":[243],"has":[246],"been":[247],"focused":[248],"Web-sites,":[252],"proposed":[254],"solution":[255],"has,":[256],"instead,":[257],"general":[258],"applicability.":[259]},"counts_by_year":[],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}