{"id":"https://openalex.org/W3162389356","doi":"https://doi.org/10.1109/msec.2021.3077954","title":"Verify It\u2019s You: How Users Perceive Risk-Based Authentication","display_name":"Verify It\u2019s You: How Users Perceive Risk-Based Authentication","publication_year":2021,"publication_date":"2021-05-27","ids":{"openalex":"https://openalex.org/W3162389356","doi":"https://doi.org/10.1109/msec.2021.3077954","mag":"3162389356"},"language":"en","primary_location":{"id":"doi:10.1109/msec.2021.3077954","is_oa":false,"landing_page_url":"https://doi.org/10.1109/msec.2021.3077954","pdf_url":null,"source":{"id":"https://openalex.org/S61906035","display_name":"IEEE Security & Privacy","issn_l":"1540-7993","issn":["1540-7993","1558-4046"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Security &amp; Privacy","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://pub.h-brs.de/files/5491/Wiefling2021_VerifyItsYou.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5089011300","display_name":"Stephan Wiefling","orcid":"https://orcid.org/0000-0001-7917-6065"},"institutions":[{"id":"https://openalex.org/I155417937","display_name":"Hochschule Bonn-Rhein-Sieg","ror":"https://ror.org/04m2anh63","country_code":"DE","type":"education","lineage":["https://openalex.org/I155417937"]},{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Stephan Wiefling","raw_affiliation_strings":["Hochschule Bonn-Rhein-Sieg, University of Applied Sciences and Ruhr University Bochum"],"affiliations":[{"raw_affiliation_string":"Hochschule Bonn-Rhein-Sieg, University of Applied Sciences and Ruhr University Bochum","institution_ids":["https://openalex.org/I155417937","https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5110236021","display_name":"Markus D\u00fcrmuth","orcid":null},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Markus Durmuth","raw_affiliation_strings":["Ruhr University Bochum"],"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5037591969","display_name":"Luigi Lo Iacono","orcid":"https://orcid.org/0000-0002-7863-0622"},"institutions":[{"id":"https://openalex.org/I155417937","display_name":"Hochschule Bonn-Rhein-Sieg","ror":"https://ror.org/04m2anh63","country_code":"DE","type":"education","lineage":["https://openalex.org/I155417937"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Luigi Lo Iacono","raw_affiliation_strings":["Hochschule Bonn-Rhein-Sieg, University of Applied Sciences"],"affiliations":[{"raw_affiliation_string":"Hochschule Bonn-Rhein-Sieg, University of Applied Sciences","institution_ids":["https://openalex.org/I155417937"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5089011300"],"corresponding_institution_ids":["https://openalex.org/I155417937","https://openalex.org/I904495901"],"apc_list":null,"apc_paid":null,"fwci":3.4121,"has_fulltext":false,"cited_by_count":15,"citation_normalized_percentile":{"value":0.9314398,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":98},"biblio":{"volume":"19","issue":"6","first_page":"47","last_page":"57"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11045","display_name":"Privacy, Security, and Data Protection","score":0.9966999888420105,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9958999752998352,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.7586709260940552},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6717987060546875},{"id":"https://openalex.org/keywords/challenge\u2013response-authentication","display_name":"Challenge\u2013response authentication","score":0.6428790092468262},{"id":"https://openalex.org/keywords/multi-factor-authentication","display_name":"Multi-factor authentication","score":0.6426296234130859},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6378561854362488},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.6244539022445679},{"id":"https://openalex.org/keywords/usable","display_name":"USable","score":0.607858419418335},{"id":"https://openalex.org/keywords/s/key","display_name":"S/KEY","score":0.5297133922576904},{"id":"https://openalex.org/keywords/chip-authentication-program","display_name":"Chip Authentication Program","score":0.520497739315033},{"id":"https://openalex.org/keywords/email-authentication","display_name":"Email authentication","score":0.45979616045951843},{"id":"https://openalex.org/keywords/password-policy","display_name":"Password policy","score":0.4505777657032013},{"id":"https://openalex.org/keywords/authentication-protocol","display_name":"Authentication protocol","score":0.44429776072502136},{"id":"https://openalex.org/keywords/lightweight-extensible-authentication-protocol","display_name":"Lightweight Extensible Authentication Protocol","score":0.4413513243198395},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.3619217872619629},{"id":"https://openalex.org/keywords/one-time-password","display_name":"One-time password","score":0.30269455909729004},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.15835040807724}],"concepts":[{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.7586709260940552},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6717987060546875},{"id":"https://openalex.org/C131129157","wikidata":"https://www.wikidata.org/wiki/Q1059963","display_name":"Challenge\u2013response authentication","level":4,"score":0.6428790092468262},{"id":"https://openalex.org/C194699767","wikidata":"https://www.wikidata.org/wiki/Q7878662","display_name":"Multi-factor authentication","level":4,"score":0.6426296234130859},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6378561854362488},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.6244539022445679},{"id":"https://openalex.org/C2780615836","wikidata":"https://www.wikidata.org/wiki/Q2471869","display_name":"USable","level":2,"score":0.607858419418335},{"id":"https://openalex.org/C4957475","wikidata":"https://www.wikidata.org/wiki/Q242186","display_name":"S/KEY","level":3,"score":0.5297133922576904},{"id":"https://openalex.org/C142124187","wikidata":"https://www.wikidata.org/wiki/Q5101471","display_name":"Chip Authentication Program","level":5,"score":0.520497739315033},{"id":"https://openalex.org/C550791530","wikidata":"https://www.wikidata.org/wiki/Q5368811","display_name":"Email authentication","level":5,"score":0.45979616045951843},{"id":"https://openalex.org/C98705547","wikidata":"https://www.wikidata.org/wiki/Q3394687","display_name":"Password policy","level":4,"score":0.4505777657032013},{"id":"https://openalex.org/C21564112","wikidata":"https://www.wikidata.org/wiki/Q4825885","display_name":"Authentication protocol","level":3,"score":0.44429776072502136},{"id":"https://openalex.org/C167169670","wikidata":"https://www.wikidata.org/wiki/Q1824705","display_name":"Lightweight Extensible Authentication Protocol","level":4,"score":0.4413513243198395},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3619217872619629},{"id":"https://openalex.org/C89479133","wikidata":"https://www.wikidata.org/wiki/Q1137840","display_name":"One-time password","level":3,"score":0.30269455909729004},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.15835040807724}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/msec.2021.3077954","is_oa":false,"landing_page_url":"https://doi.org/10.1109/msec.2021.3077954","pdf_url":null,"source":{"id":"https://openalex.org/S61906035","display_name":"IEEE Security & Privacy","issn_l":"1540-7993","issn":["1540-7993","1558-4046"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Security &amp; Privacy","raw_type":"journal-article"},{"id":"pmh:oai:pub.h-brs.de:5491","is_oa":true,"landing_page_url":"https://pub.h-brs.de/frontdoor/index/index/docId/5491","pdf_url":"https://pub.h-brs.de/files/5491/Wiefling2021_VerifyItsYou.pdf","source":{"id":"https://openalex.org/S4306400385","display_name":"Publication Server of Bonn-Rhein-Sieg University of Applied Sciences (Bonn-Rhein-Sieg University of Applied Sciences)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I135140700","host_organization_name":"University of Bonn","host_organization_lineage":["https://openalex.org/I135140700"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Security & Privacy, vol. 19, no. 6, pp. 47\u201357, Nov. 2021","raw_type":"acceptedVersion"}],"best_oa_location":{"id":"pmh:oai:pub.h-brs.de:5491","is_oa":true,"landing_page_url":"https://pub.h-brs.de/frontdoor/index/index/docId/5491","pdf_url":"https://pub.h-brs.de/files/5491/Wiefling2021_VerifyItsYou.pdf","source":{"id":"https://openalex.org/S4306400385","display_name":"Publication Server of Bonn-Rhein-Sieg University of Applied Sciences (Bonn-Rhein-Sieg University of Applied Sciences)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I135140700","host_organization_name":"University of Bonn","host_organization_lineage":["https://openalex.org/I135140700"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Security & Privacy, vol. 19, no. 6, pp. 47\u201357, Nov. 2021","raw_type":"acceptedVersion"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320328599","display_name":"Ministerium f\u00fcr Kultur und Wissenschaft des Landes Nordrhein-Westfalen","ror":null}],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W3162389356.pdf"},"referenced_works_count":16,"referenced_works":["https://openalex.org/W1966976587","https://openalex.org/W2019380907","https://openalex.org/W2055843755","https://openalex.org/W2156765389","https://openalex.org/W2396652156","https://openalex.org/W2905372988","https://openalex.org/W2952071009","https://openalex.org/W2968548076","https://openalex.org/W3068296915","https://openalex.org/W3090113120","https://openalex.org/W3103908128","https://openalex.org/W3112829444","https://openalex.org/W3196048063","https://openalex.org/W3209306758","https://openalex.org/W4294214983","https://openalex.org/W6767171021"],"related_works":["https://openalex.org/W2050433615","https://openalex.org/W128488073","https://openalex.org/W2726319079","https://openalex.org/W2911390896","https://openalex.org/W4322746237","https://openalex.org/W2246465154","https://openalex.org/W2391339101","https://openalex.org/W2165734747","https://openalex.org/W2036439773","https://openalex.org/W2265342806"],"abstract_inverted_index":{"Risk-based":[0],"authentication":[1,12,31],"(RBA)":[2],"is":[3],"an":[4],"adaptive":[5],"security":[6],"measure":[7],"used":[8],"to":[9],"strengthen":[10],"password-based":[11],"against":[13],"account":[14],"takeover":[15],"attacks.":[16],"Our":[17],"study":[18],"on":[19],"65":[20],"participants":[21],"shows":[22],"that":[23],"users":[24],"find":[25],"RBA":[26],"more":[27,34],"usable":[28],"than":[29,36],"two-factor":[30],"equivalents":[32],"and":[33],"secure":[35],"password-only":[37],"authentication.":[38]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":4}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}