{"id":"https://openalex.org/W1966775768","doi":"https://doi.org/10.1145/2746194.2746207","title":"Measuring the security impacts of password policies using cognitive behavioral agent-based modeling","display_name":"Measuring the security impacts of password policies using cognitive behavioral agent-based modeling","publication_year":2015,"publication_date":"2015-04-17","ids":{"openalex":"https://openalex.org/W1966775768","doi":"https://doi.org/10.1145/2746194.2746207","mag":"1966775768"},"language":"en","primary_location":{"id":"doi:10.1145/2746194.2746207","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2746194.2746207","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2015 Symposium and Bootcamp on the Science of Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5043673881","display_name":"Vijay Kothari","orcid":null},"institutions":[{"id":"https://openalex.org/I107672454","display_name":"Dartmouth College","ror":"https://ror.org/049s0rh22","country_code":"US","type":"education","lineage":["https://openalex.org/I107672454"]},{"id":"https://openalex.org/I4210166639","display_name":"Dartmouth Hospital","ror":"https://ror.org/02j3qj605","country_code":"GB","type":"healthcare","lineage":["https://openalex.org/I4210166639"]}],"countries":["GB","US"],"is_corresponding":true,"raw_author_name":"Vijay Kothari","raw_affiliation_strings":["Dartmouth College"],"affiliations":[{"raw_affiliation_string":"Dartmouth College","institution_ids":["https://openalex.org/I4210166639","https://openalex.org/I107672454"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5030853797","display_name":"Jim Blythe","orcid":null},"institutions":[{"id":"https://openalex.org/I1174212","display_name":"University of Southern California","ror":"https://ror.org/03taz7m60","country_code":"US","type":"education","lineage":["https://openalex.org/I1174212"]},{"id":"https://openalex.org/I2800817003","display_name":"Southern California University for Professional Studies","ror":"https://ror.org/058zz0t50","country_code":"US","type":"education","lineage":["https://openalex.org/I2800817003"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jim Blythe","raw_affiliation_strings":["University of Southern California"],"affiliations":[{"raw_affiliation_string":"University of Southern California","institution_ids":["https://openalex.org/I2800817003","https://openalex.org/I1174212"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102885109","display_name":"Sean W. Smith","orcid":"https://orcid.org/0000-0001-5995-574X"},"institutions":[{"id":"https://openalex.org/I4210166639","display_name":"Dartmouth Hospital","ror":"https://ror.org/02j3qj605","country_code":"GB","type":"healthcare","lineage":["https://openalex.org/I4210166639"]},{"id":"https://openalex.org/I107672454","display_name":"Dartmouth College","ror":"https://ror.org/049s0rh22","country_code":"US","type":"education","lineage":["https://openalex.org/I107672454"]}],"countries":["GB","US"],"is_corresponding":false,"raw_author_name":"Sean W. Smith","raw_affiliation_strings":["Dartmouth College"],"affiliations":[{"raw_affiliation_string":"Dartmouth College","institution_ids":["https://openalex.org/I4210166639","https://openalex.org/I107672454"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5067363466","display_name":"Ross Koppel","orcid":"https://orcid.org/0000-0002-8235-9900"},"institutions":[{"id":"https://openalex.org/I36788626","display_name":"California University of Pennsylvania","ror":"https://ror.org/01spssf70","country_code":"US","type":"education","lineage":["https://openalex.org/I36788626"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ross Koppel","raw_affiliation_strings":["University of Pennsylvania","#N# * University of Pennsylvania"],"affiliations":[{"raw_affiliation_string":"University of Pennsylvania","institution_ids":["https://openalex.org/I36788626"]},{"raw_affiliation_string":"#N# * University of Pennsylvania","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5043673881"],"corresponding_institution_ids":["https://openalex.org/I107672454","https://openalex.org/I4210166639"],"apc_list":null,"apc_paid":null,"fwci":4.9404,"has_fulltext":false,"cited_by_count":11,"citation_normalized_percentile":{"value":0.95081135,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"9"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9952999949455261,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.7618334293365479},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7114273309707642},{"id":"https://openalex.org/keywords/asset","display_name":"Asset (computer security)","score":0.6991009712219238},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6118133068084717},{"id":"https://openalex.org/keywords/usable","display_name":"USable","score":0.5533820390701294},{"id":"https://openalex.org/keywords/human-computer-interaction-in-information-security","display_name":"Human-computer interaction in information security","score":0.5095925331115723},{"id":"https://openalex.org/keywords/work","display_name":"Work (physics)","score":0.4996826648712158},{"id":"https://openalex.org/keywords/computer-security-model","display_name":"Computer security model","score":0.4899060130119324},{"id":"https://openalex.org/keywords/cognition","display_name":"Cognition","score":0.47787681221961975},{"id":"https://openalex.org/keywords/password-policy","display_name":"Password policy","score":0.45023664832115173},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.33302390575408936},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.2793947458267212},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.22487488389015198},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.17745256423950195},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.1522834599018097},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.10355538129806519},{"id":"https://openalex.org/keywords/psychology","display_name":"Psychology","score":0.08839723467826843},{"id":"https://openalex.org/keywords/one-time-password","display_name":"One-time password","score":0.08631265163421631}],"concepts":[{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.7618334293365479},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7114273309707642},{"id":"https://openalex.org/C76178495","wikidata":"https://www.wikidata.org/wiki/Q4808784","display_name":"Asset (computer security)","level":2,"score":0.6991009712219238},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6118133068084717},{"id":"https://openalex.org/C2780615836","wikidata":"https://www.wikidata.org/wiki/Q2471869","display_name":"USable","level":2,"score":0.5533820390701294},{"id":"https://openalex.org/C6353995","wikidata":"https://www.wikidata.org/wiki/Q17027910","display_name":"Human-computer interaction in information security","level":5,"score":0.5095925331115723},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.4996826648712158},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.4899060130119324},{"id":"https://openalex.org/C169900460","wikidata":"https://www.wikidata.org/wiki/Q2200417","display_name":"Cognition","level":2,"score":0.47787681221961975},{"id":"https://openalex.org/C98705547","wikidata":"https://www.wikidata.org/wiki/Q3394687","display_name":"Password policy","level":4,"score":0.45023664832115173},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.33302390575408936},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.2793947458267212},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.22487488389015198},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.17745256423950195},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.1522834599018097},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.10355538129806519},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.08839723467826843},{"id":"https://openalex.org/C89479133","wikidata":"https://www.wikidata.org/wiki/Q1137840","display_name":"One-time password","level":3,"score":0.08631265163421631},{"id":"https://openalex.org/C169760540","wikidata":"https://www.wikidata.org/wiki/Q207011","display_name":"Neuroscience","level":1,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/2746194.2746207","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2746194.2746207","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2015 Symposium and Bootcamp on the Science of Security","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.697.3506","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.697.3506","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.dartmouth.edu/%7Esws/pubs/kbsk15-draft.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320338335","display_name":"H2020 European Research Council","ror":"https://ror.org/0472cxd90"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W157675578","https://openalex.org/W1534968492","https://openalex.org/W1989078813","https://openalex.org/W1990011974","https://openalex.org/W1990310447","https://openalex.org/W2009226705","https://openalex.org/W2025448348","https://openalex.org/W2030112111","https://openalex.org/W2032152873","https://openalex.org/W2037202491","https://openalex.org/W2042720915","https://openalex.org/W2056245254","https://openalex.org/W2069811643","https://openalex.org/W2070801556","https://openalex.org/W2081601216","https://openalex.org/W2104773223","https://openalex.org/W2131906261","https://openalex.org/W2144850675","https://openalex.org/W2159732534","https://openalex.org/W2180809782","https://openalex.org/W2407708849"],"related_works":["https://openalex.org/W1987516957","https://openalex.org/W2183044514","https://openalex.org/W2596869006","https://openalex.org/W2346878720","https://openalex.org/W2969720675","https://openalex.org/W1639969416","https://openalex.org/W2048203748","https://openalex.org/W2009226705","https://openalex.org/W2104608169","https://openalex.org/W2146270836"],"abstract_inverted_index":{"Agent-based":[0],"modeling":[1,42],"can":[2],"serve":[3],"as":[4,23],"a":[5,56,61],"valuable":[6,68],"asset":[7],"to":[8,13,26,78,86],"security":[9,17,72],"personnel":[10],"who":[11],"wish":[12],"better":[14],"understand":[15],"the":[16],"landscape":[18],"within":[19],"their":[20],"organization,":[21],"especially":[22],"it":[24],"relates":[25],"user":[27],"behavior":[28],"and":[29,89],"circumvention.":[30],"In":[31],"this":[32],"paper,":[33],"we":[34],"argue":[35],"in":[36],"favor":[37],"of":[38,82],"cognitive":[39],"behavioral":[40],"agent-based":[41,53],"for":[43,55,92],"usable":[44],"security,":[45],"report":[46],"on":[47,50],"our":[48],"work":[49],"developing":[51],"an":[52,74],"model":[54],"password":[57],"management":[58],"scenario,":[59],"perform":[60],"sensitivity":[62],"analysis,":[63],"which":[64],"provides":[65],"us":[66],"with":[67],"insights":[69],"into":[70],"improving":[71],"(e.g.,":[73],"organization":[75],"that":[76],"wishes":[77],"suppress":[79],"one":[80],"form":[81],"circumvention":[83],"may":[84],"want":[85],"endorse":[87],"another),":[88],"provide":[90],"directions":[91],"future":[93],"work.":[94]},"counts_by_year":[{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":1},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":3},{"year":2015,"cited_by_count":1}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}