{"id":"https://openalex.org/W2111434316","doi":"https://doi.org/10.1145/1655062.1655067","title":"Building robust authentication systems with activity-based personal questions","display_name":"Building robust authentication systems with activity-based personal questions","publication_year":2009,"publication_date":"2009-11-09","ids":{"openalex":"https://openalex.org/W2111434316","doi":"https://doi.org/10.1145/1655062.1655067","mag":"2111434316"},"language":"en","primary_location":{"id":"doi:10.1145/1655062.1655067","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1655062.1655067","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2nd ACM workshop on Assurable and usable security configuration","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5055449563","display_name":"Anitra Babic","orcid":null},"institutions":[{"id":"https://openalex.org/I202522242","display_name":"Chestnut Hill College","ror":"https://ror.org/05bjd0w70","country_code":"US","type":"education","lineage":["https://openalex.org/I202522242"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Anitra Babic","raw_affiliation_strings":["Computer Science Department, Chestnut Hill College, Philadelphia, USA","Computer Science Department, Chestnut Hill College, Philadelphia, USA#TAB#"],"affiliations":[{"raw_affiliation_string":"Computer Science Department, Chestnut Hill College, Philadelphia, USA","institution_ids":["https://openalex.org/I202522242"]},{"raw_affiliation_string":"Computer Science Department, Chestnut Hill College, Philadelphia, USA#TAB#","institution_ids":["https://openalex.org/I202522242"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046494511","display_name":"Huijun Xiong","orcid":null},"institutions":[{"id":"https://openalex.org/I102322142","display_name":"Rutgers, The State University of New Jersey","ror":"https://ror.org/05vt9qd57","country_code":"US","type":"education","lineage":["https://openalex.org/I102322142"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Huijun Xiong","raw_affiliation_strings":["Rutgers University, New Brunswick, NJ, USA"],"affiliations":[{"raw_affiliation_string":"Rutgers University, New Brunswick, NJ, USA","institution_ids":["https://openalex.org/I102322142"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5034366344","display_name":"Danfeng Yao","orcid":"https://orcid.org/0000-0001-8969-2792"},"institutions":[{"id":"https://openalex.org/I102322142","display_name":"Rutgers, The State University of New Jersey","ror":"https://ror.org/05vt9qd57","country_code":"US","type":"education","lineage":["https://openalex.org/I102322142"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Danfeng Yao","raw_affiliation_strings":["rutgers university, New Brunswick, NJ, USA"],"affiliations":[{"raw_affiliation_string":"rutgers university, New Brunswick, NJ, USA","institution_ids":["https://openalex.org/I102322142"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5083907939","display_name":"Liviu Iftode","orcid":null},"institutions":[{"id":"https://openalex.org/I102322142","display_name":"Rutgers, The State University of New Jersey","ror":"https://ror.org/05vt9qd57","country_code":"US","type":"education","lineage":["https://openalex.org/I102322142"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Liviu Iftode","raw_affiliation_strings":["Rutgers University, New Brunswick, NJ, USA"],"affiliations":[{"raw_affiliation_string":"Rutgers University, New Brunswick, NJ, USA","institution_ids":["https://openalex.org/I102322142"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5055449563"],"corresponding_institution_ids":["https://openalex.org/I202522242"],"apc_list":null,"apc_paid":null,"fwci":0.7403,"has_fulltext":false,"cited_by_count":13,"citation_normalized_percentile":{"value":0.83050576,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"19","last_page":"24"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9957000017166138,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7905952334403992},{"id":"https://openalex.org/keywords/usability","display_name":"Usability","score":0.6924100518226624},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.6872267127037048},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.6333528757095337},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.536115825176239},{"id":"https://openalex.org/keywords/captcha","display_name":"CAPTCHA","score":0.5181456804275513},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.500788688659668},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.458574116230011},{"id":"https://openalex.org/keywords/conceptual-model","display_name":"Conceptual model","score":0.42401739954948425},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.32602453231811523},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.12053048610687256}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7905952334403992},{"id":"https://openalex.org/C170130773","wikidata":"https://www.wikidata.org/wiki/Q216378","display_name":"Usability","level":2,"score":0.6924100518226624},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.6872267127037048},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.6333528757095337},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.536115825176239},{"id":"https://openalex.org/C163339463","wikidata":"https://www.wikidata.org/wiki/Q484598","display_name":"CAPTCHA","level":2,"score":0.5181456804275513},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.500788688659668},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.458574116230011},{"id":"https://openalex.org/C13606891","wikidata":"https://www.wikidata.org/wiki/Q2623243","display_name":"Conceptual model","level":2,"score":0.42401739954948425},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.32602453231811523},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.12053048610687256},{"id":"https://openalex.org/C153349607","wikidata":"https://www.wikidata.org/wiki/Q36649","display_name":"Visual arts","level":1,"score":0.0},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1655062.1655067","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1655062.1655067","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2nd ACM workshop on Assurable and usable security configuration","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":9,"referenced_works":["https://openalex.org/W1485200701","https://openalex.org/W1574901103","https://openalex.org/W1579838312","https://openalex.org/W1582937643","https://openalex.org/W2107911557","https://openalex.org/W2108287887","https://openalex.org/W2150451032","https://openalex.org/W2752929869","https://openalex.org/W6676251214"],"related_works":["https://openalex.org/W3134776999","https://openalex.org/W1975364925","https://openalex.org/W2064097623","https://openalex.org/W1966530388","https://openalex.org/W2566963304","https://openalex.org/W2028308373","https://openalex.org/W2111502540","https://openalex.org/W1502766620","https://openalex.org/W2770704788","https://openalex.org/W252831664"],"abstract_inverted_index":{"A":[0],"recent":[1],"study":[2,17],"found":[3],"that":[4,52,70,106],"the":[5,27,40,114],"widely-used":[6],"secret":[7,21,54],"questions":[8,22,55,69],"for":[9,26,59,135],"Web":[10],"authentication":[11,38,138],"can":[12],"easily":[13],"be":[14,57],"guessed.":[15],"The":[16],"focused":[18],"on":[19],"making":[20],"easier":[23],"to":[24,31,61],"remember":[25],"user":[28,75],"and":[29,46,104,132],"harder":[30],"break":[32],"by":[33],"others.":[34],"Our":[35,99],"approach":[36],"is":[37,110],"through":[39,140],"use":[41],"of":[42,68,74,119],"an":[43],"individual's":[44],"personal":[45],"dynamic":[47,122],"Internet":[48],"activities.":[49],"We":[50,63],"hypothesize":[51],"frequently-changing":[53],"will":[56],"hard":[58],"attackers":[60],"guess.":[62],"propose":[64],"three":[65],"major":[66],"categories":[67],"are":[71,102],"based":[72],"off":[73],"activities:":[76],"network":[77],"activities":[78],"(e.g.,":[79,92],"browsing":[80],"history,":[81],"emails);":[82],"physical":[83],"events":[84],"e.g.,":[85],"planned":[86],"meetings,":[87],"calendar":[88],"items);":[89],"conceptual":[90],"opinions":[91,93],"as":[94],"derived":[95],"from":[96],"browsing,":[97],"emails).":[98],"preliminary":[100],"results":[101],"encouraging":[103],"show":[105],"this":[107],"new":[108],"direction":[109],"promising.":[111],"To":[112],"improve":[113],"usability,":[115],"in":[116],"particular":[117],"nonintrusiveness,":[118],"such":[120],"a":[121,128],"secret-question":[123],"system,":[124],"we":[125],"also":[126],"describe":[127],"concrete":[129],"client-server":[130],"architecture":[131],"security":[133],"model":[134],"automating":[136],"our":[137],"systems":[139],"utilizing":[141],"existing":[142],"artificial":[143],"intelligent":[144],"techniques.":[145]},"counts_by_year":[{"year":2022,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":3},{"year":2015,"cited_by_count":3},{"year":2014,"cited_by_count":2},{"year":2013,"cited_by_count":1},{"year":2012,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}