{"id":"https://openalex.org/W2545003798","doi":"https://doi.org/10.1109/wifs.2011.6123150","title":"Painless migration from passwords to two factor authentication","display_name":"Painless migration from passwords to two factor authentication","publication_year":2011,"publication_date":"2011-11-01","ids":{"openalex":"https://openalex.org/W2545003798","doi":"https://doi.org/10.1109/wifs.2011.6123150","mag":"2545003798"},"language":"en","primary_location":{"id":"doi:10.1109/wifs.2011.6123150","is_oa":false,"landing_page_url":"https://doi.org/10.1109/wifs.2011.6123150","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2011 IEEE International Workshop on Information Forensics and Security","raw_type":"proceedings-article"},"type":"conference-paper","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5109399166","display_name":"Ziqing Mao","orcid":null},"institutions":[{"id":"https://openalex.org/I4210114444","display_name":"Meta (United States)","ror":"https://ror.org/01zbnvs85","country_code":"US","type":"company","lineage":["https://openalex.org/I4210114444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ziqing Mao","raw_affiliation_strings":["Facebook, Inc., Palo Alto, CA, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Facebook, Inc., Palo Alto, CA, USA","institution_ids":["https://openalex.org/I4210114444"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088040986","display_name":"Dinei Flor\u00eancio","orcid":null},"institutions":[{"id":"https://openalex.org/I1290206253","display_name":"Microsoft (United States)","ror":"https://ror.org/00d0nc645","country_code":"US","type":"company","lineage":["https://openalex.org/I1290206253"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Dinei Florencio","raw_affiliation_strings":["Microsoft Research, Redmond, WA, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Microsoft Research, Redmond, WA, USA","institution_ids":["https://openalex.org/I1290206253"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5059864632","display_name":"Cormac Herley","orcid":"https://orcid.org/0000-0001-8436-5776"},"institutions":[{"id":"https://openalex.org/I1290206253","display_name":"Microsoft (United States)","ror":"https://ror.org/00d0nc645","country_code":"US","type":"company","lineage":["https://openalex.org/I1290206253"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Cormac Herley","raw_affiliation_strings":["Microsoft Research, Redmond, WA, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Microsoft Research, Redmond, WA, USA","institution_ids":["https://openalex.org/I1290206253"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":19,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10828","display_name":"Biometric Identification and Security","score":0.9850000143051147,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.8527615070343018},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7270632982254028},{"id":"https://openalex.org/keywords/multi-factor-authentication","display_name":"Multi-factor authentication","score":0.7095500826835632},{"id":"https://openalex.org/keywords/password-policy","display_name":"Password policy","score":0.7070350050926208},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6447676420211792},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.6394278407096863},{"id":"https://openalex.org/keywords/s/key","display_name":"S/KEY","score":0.5592858195304871},{"id":"https://openalex.org/keywords/lightweight-extensible-authentication-protocol","display_name":"Lightweight Extensible Authentication Protocol","score":0.4356909394264221},{"id":"https://openalex.org/keywords/chip-authentication-program","display_name":"Chip Authentication Program","score":0.420645147562027},{"id":"https://openalex.org/keywords/authentication-protocol","display_name":"Authentication protocol","score":0.4051809310913086},{"id":"https://openalex.org/keywords/one-time-password","display_name":"One-time password","score":0.37110814452171326}],"concepts":[{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.8527615070343018},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7270632982254028},{"id":"https://openalex.org/C194699767","wikidata":"https://www.wikidata.org/wiki/Q7878662","display_name":"Multi-factor authentication","level":4,"score":0.7095500826835632},{"id":"https://openalex.org/C98705547","wikidata":"https://www.wikidata.org/wiki/Q3394687","display_name":"Password policy","level":4,"score":0.7070350050926208},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6447676420211792},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.6394278407096863},{"id":"https://openalex.org/C4957475","wikidata":"https://www.wikidata.org/wiki/Q242186","display_name":"S/KEY","level":3,"score":0.5592858195304871},{"id":"https://openalex.org/C167169670","wikidata":"https://www.wikidata.org/wiki/Q1824705","display_name":"Lightweight Extensible Authentication Protocol","level":4,"score":0.4356909394264221},{"id":"https://openalex.org/C142124187","wikidata":"https://www.wikidata.org/wiki/Q5101471","display_name":"Chip Authentication Program","level":5,"score":0.420645147562027},{"id":"https://openalex.org/C21564112","wikidata":"https://www.wikidata.org/wiki/Q4825885","display_name":"Authentication protocol","level":3,"score":0.4051809310913086},{"id":"https://openalex.org/C89479133","wikidata":"https://www.wikidata.org/wiki/Q1137840","display_name":"One-time password","level":3,"score":0.37110814452171326}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/wifs.2011.6123150","is_oa":false,"landing_page_url":"https://doi.org/10.1109/wifs.2011.6123150","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2011 IEEE International Workshop on Information Forensics and Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/10","display_name":"Reduced inequalities","score":0.6299999952316284}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":23,"referenced_works":["https://openalex.org/W151129402","https://openalex.org/W170643029","https://openalex.org/W186464874","https://openalex.org/W312335232","https://openalex.org/W1498527206","https://openalex.org/W1575543897","https://openalex.org/W1788061570","https://openalex.org/W2023316524","https://openalex.org/W2063539698","https://openalex.org/W2113446256","https://openalex.org/W2119545418","https://openalex.org/W2132303913","https://openalex.org/W2143052391","https://openalex.org/W2152891447","https://openalex.org/W2159651836","https://openalex.org/W2161020477","https://openalex.org/W2165433201","https://openalex.org/W4285719527","https://openalex.org/W4289126832","https://openalex.org/W6606081787","https://openalex.org/W6610825993","https://openalex.org/W6634543181","https://openalex.org/W6679396685"],"related_works":["https://openalex.org/W2943527182","https://openalex.org/W2393298610","https://openalex.org/W2050433615","https://openalex.org/W2726319079","https://openalex.org/W2246465154","https://openalex.org/W128488073","https://openalex.org/W2973958177","https://openalex.org/W2029011328","https://openalex.org/W4322746237","https://openalex.org/W2099625761"],"abstract_inverted_index":{"In":[0,79],"spite":[1],"of":[2,7,27,46,70,114,147],"growing":[3],"frequency":[4],"and":[5,21,32,73,140,145,183],"sophistication":[6],"attacks":[8],"two":[9,47,58,95,132,165,186],"factor":[10,26,48,59,96,166,187],"authentication":[11,28,60,91,134,157,188],"schemes":[12],"have":[13,179],"seen":[14],"very":[15],"limited":[16],"adoption":[17],"in":[18,44],"the":[19,24,36,124,148,155,164,172,181],"US,":[20],"passwords":[22,55,138,144],"remain":[23],"single":[25],"for":[29],"most":[30],"bank":[31,152],"brokerage":[33],"accounts.":[34],"Clearly":[35],"cost":[37],"benefit":[38],"analysis":[39],"is":[40,102,105,127,170],"not":[41],"as":[42,49],"strongly":[43],"favor":[45],"we":[50,82],"might":[51],"imagine.":[52],"Upgrading":[53],"from":[54],"to":[56,86,123,163],"a":[57,64,68,74,84,88,94,108,115,141],"system":[61,85,101,126,182],"usually":[62],"involves":[63],"large":[65],"engineering":[66],"effort,":[67],"discontinuity":[69],"user":[71],"experience":[72],"hard":[75],"key":[76],"management":[77],"problem.":[78],"this":[80],"paper":[81],"describe":[83],"convert":[87],"legacy":[89,125],"password":[90,100,156],"server":[92,110],"into":[93],"system.":[97],"The":[98,151],"existing":[99],"untouched,":[103],"but":[104],"cascaded":[106],"with":[107],"new":[109],"that":[111],"verifies":[112],"possession":[113,146],"smartphone":[116],"device.":[117,150],"No":[118],"alteration,":[119],"patching":[120],"or":[121],"updates":[122],"necessary.":[128],"There":[129],"are":[130],"now":[131],"alternative":[133],"paths:":[135],"one":[136],"using":[137,143],"alone,":[139],"second":[142],"trusted":[149],"can":[153,175],"leave":[154],"path":[158,174],"available":[159],"while":[160],"users":[161],"migrate":[162],"scheme.":[167],"Once":[168],"migration":[169],"complete":[171],"password-only":[173],"be":[176],"severed.":[177],"We":[178],"implemented":[180],"carried":[184],"out":[185],"against":[189],"real":[190],"accounts":[191],"at":[192],"several":[193],"major":[194],"banks.":[195]},"counts_by_year":[{"year":2022,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":4},{"year":2015,"cited_by_count":2},{"year":2014,"cited_by_count":1},{"year":2013,"cited_by_count":1},{"year":2012,"cited_by_count":4}],"updated_date":"2026-07-15T18:14:33.161393","created_date":"2025-10-10T00:00:00"}
