{"id":"https://openalex.org/W2104773223","doi":"https://doi.org/10.1145/1143120.1143127","title":"Password management strategies for online accounts","display_name":"Password management strategies for online accounts","publication_year":2006,"publication_date":"2006-01-01","ids":{"openalex":"https://openalex.org/W2104773223","doi":"https://doi.org/10.1145/1143120.1143127","mag":"2104773223"},"language":"en","primary_location":{"id":"doi:10.1145/1143120.1143127","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1143120.1143127","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the second symposium on Usable privacy and security  - SOUPS '06","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5006394008","display_name":"Shirley Gaw","orcid":null},"institutions":[{"id":"https://openalex.org/I20089843","display_name":"Princeton University","ror":"https://ror.org/00hx57361","country_code":"US","type":"education","lineage":["https://openalex.org/I20089843"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Shirley Gaw","raw_affiliation_strings":["Princeton University, Princeton, NJ","Princeton Univ., Princeton , NJ"],"affiliations":[{"raw_affiliation_string":"Princeton University, Princeton, NJ","institution_ids":["https://openalex.org/I20089843"]},{"raw_affiliation_string":"Princeton Univ., Princeton , NJ","institution_ids":["https://openalex.org/I20089843"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5108360806","display_name":"Edward W. Felten","orcid":null},"institutions":[{"id":"https://openalex.org/I20089843","display_name":"Princeton University","ror":"https://ror.org/00hx57361","country_code":"US","type":"education","lineage":["https://openalex.org/I20089843"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Edward W. Felten","raw_affiliation_strings":["Princeton University, Princeton, NJ","Princeton Univ., Princeton , NJ"],"affiliations":[{"raw_affiliation_string":"Princeton University, Princeton, NJ","institution_ids":["https://openalex.org/I20089843"]},{"raw_affiliation_string":"Princeton Univ., Princeton , NJ","institution_ids":["https://openalex.org/I20089843"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5006394008"],"corresponding_institution_ids":["https://openalex.org/I20089843"],"apc_list":null,"apc_paid":null,"fwci":30.1654,"has_fulltext":false,"cited_by_count":369,"citation_normalized_percentile":{"value":0.99549018,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"44","last_page":"44"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9835000038146973,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9700999855995178,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.9650089144706726},{"id":"https://openalex.org/keywords/password-policy","display_name":"Password policy","score":0.6802250742912292},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6724377870559692},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.665337085723877},{"id":"https://openalex.org/keywords/cognitive-password","display_name":"Cognitive password","score":0.6335728168487549},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.6276472210884094},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.5776989459991455},{"id":"https://openalex.org/keywords/reuse","display_name":"Reuse","score":0.564119815826416},{"id":"https://openalex.org/keywords/data-breach","display_name":"Data breach","score":0.4970302879810333},{"id":"https://openalex.org/keywords/password-strength","display_name":"Password strength","score":0.4724099040031433},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.45224061608314514},{"id":"https://openalex.org/keywords/phone","display_name":"Phone","score":0.443387895822525},{"id":"https://openalex.org/keywords/one-time-password","display_name":"One-time password","score":0.32368505001068115},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.1149422824382782}],"concepts":[{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.9650089144706726},{"id":"https://openalex.org/C98705547","wikidata":"https://www.wikidata.org/wiki/Q3394687","display_name":"Password policy","level":4,"score":0.6802250742912292},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6724377870559692},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.665337085723877},{"id":"https://openalex.org/C23875713","wikidata":"https://www.wikidata.org/wiki/Q5141232","display_name":"Cognitive password","level":5,"score":0.6335728168487549},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.6276472210884094},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.5776989459991455},{"id":"https://openalex.org/C206588197","wikidata":"https://www.wikidata.org/wiki/Q846574","display_name":"Reuse","level":2,"score":0.564119815826416},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data breach","level":2,"score":0.4970302879810333},{"id":"https://openalex.org/C70530487","wikidata":"https://www.wikidata.org/wiki/Q1990841","display_name":"Password strength","level":4,"score":0.4724099040031433},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.45224061608314514},{"id":"https://openalex.org/C2778707766","wikidata":"https://www.wikidata.org/wiki/Q202064","display_name":"Phone","level":2,"score":0.443387895822525},{"id":"https://openalex.org/C89479133","wikidata":"https://www.wikidata.org/wiki/Q1137840","display_name":"One-time password","level":3,"score":0.32368505001068115},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.1149422824382782},{"id":"https://openalex.org/C548081761","wikidata":"https://www.wikidata.org/wiki/Q180388","display_name":"Waste management","level":1,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/1143120.1143127","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1143120.1143127","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the second symposium on Usable privacy and security  - SOUPS '06","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.136.6196","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.136.6196","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.princeton.edu/~sgaw/publications/26May-SOUPS.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W128619364","https://openalex.org/W1485033854","https://openalex.org/W1505010935","https://openalex.org/W1506796649","https://openalex.org/W1559498407","https://openalex.org/W1582830784","https://openalex.org/W1607915502","https://openalex.org/W1921097329","https://openalex.org/W2016310229","https://openalex.org/W2016453004","https://openalex.org/W2025448348","https://openalex.org/W2032506535","https://openalex.org/W2037202491","https://openalex.org/W2066345778","https://openalex.org/W2075940395","https://openalex.org/W2084044852","https://openalex.org/W2100783932","https://openalex.org/W2116371103","https://openalex.org/W2136773629","https://openalex.org/W2149929743","https://openalex.org/W2911384745","https://openalex.org/W4285719527"],"related_works":["https://openalex.org/W2969720675","https://openalex.org/W4317418593","https://openalex.org/W2359085393","https://openalex.org/W4221040820","https://openalex.org/W2936467198","https://openalex.org/W2596766976","https://openalex.org/W2021087413","https://openalex.org/W2182949018","https://openalex.org/W2156083280","https://openalex.org/W4214849386"],"abstract_inverted_index":{"Given":[0],"the":[1,128,139],"widespread":[2],"use":[3],"of":[4,46,64],"password":[5,35,79,177,189],"authentication":[6,186],"in":[7,184],"online":[8],"correspondence,":[9],"subscription":[10],"services,":[11],"and":[12,55,71,105,131,167,188],"shopping,":[13],"there":[14],"is":[15],"growing":[16],"concern":[17],"about":[18],"identity":[19],"theft.":[20],"When":[21],"people":[22,84],"reuse":[23,80],"their":[24,31,96,143],"passwords":[25,52,70,72,109,111,154],"across":[26],"multiple":[27],"accounts,":[28],"they":[29,53,58,99],"increase":[30],"vulnerability;":[32],"compromising":[33],"one":[34],"can":[36,159],"help":[37],"an":[38],"attacker":[39],"take":[40],"over":[41,77],"several":[42],"accounts.":[43],"Our":[44],"study":[45],"49":[47],"undergraduates":[48],"quantifies":[49],"how":[50,56,172],"many":[51],"had":[54,66],"often":[57],"reused":[59,74],"these":[60],"passwords.":[61,93],"The":[62],"majority":[63],"users":[65],"three":[67],"or":[68],"fewer":[69],"were":[73],"twice.":[75],"Furthermore,":[76],"time,":[78],"rates":[81],"increased":[82],"because":[83],"accumulated":[85],"more":[86,92],"accounts":[87],"but":[88],"did":[89,136],"not":[90,137],"create":[91],"Users":[94,115],"justified":[95],"habits.":[97],"While":[98],"wanted":[100],"to":[101,113,125,150],"protect":[102],"financial":[103],"data":[104],"personal":[106],"communication,":[107],"reusing":[108],"made":[110],"easier":[112],"manage.":[114],"visualized":[116],"threats":[117],"from":[118,142],"human":[119,140],"attackers,":[120],"particularly":[121],"viewing":[122],"those":[123],"close":[124],"them":[126],"as":[127,156],"most":[129],"motivated":[130],"able":[132],"attackers;":[133],"however,":[134],"participants":[135],"separate":[138],"attackers":[141],"potentially":[144],"automated":[145],"tools.":[146],"They":[147],"sometimes":[148],"failed":[149],"realize":[151],"that":[152],"personalized":[153],"such":[155],"phone":[157],"numbers":[158],"be":[160],"cracked":[161],"given":[162],"a":[163],"large":[164],"enough":[165,168],"dictionary":[166],"tries.":[169],"We":[170,179],"discuss":[171],"current":[173],"systems":[174,187],"support":[175],"poor":[176],"practices.":[178],"also":[180],"present":[181],"potential":[182],"changes":[183],"website":[185],"managers.":[190]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":15},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":10},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":8},{"year":2019,"cited_by_count":15},{"year":2018,"cited_by_count":21},{"year":2017,"cited_by_count":29},{"year":2016,"cited_by_count":36},{"year":2015,"cited_by_count":32},{"year":2014,"cited_by_count":39},{"year":2013,"cited_by_count":47},{"year":2012,"cited_by_count":28}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}