{"id":"https://openalex.org/W3090113120","doi":"https://doi.org/10.1145/3427228.3427243","title":"More Than Just Good Passwords? A Study on Usability and Security Perceptions of Risk-based Authentication","display_name":"More Than Just Good Passwords? A Study on Usability and Security Perceptions of Risk-based Authentication","publication_year":2020,"publication_date":"2020-12-07","ids":{"openalex":"https://openalex.org/W3090113120","doi":"https://doi.org/10.1145/3427228.3427243","mag":"3090113120"},"language":"en","primary_location":{"id":"doi:10.1145/3427228.3427243","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3427228.3427243","pdf_url":null,"source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2010.00339","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5089011300","display_name":"Stephan Wiefling","orcid":"https://orcid.org/0000-0001-7917-6065"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Stephan Wiefling","raw_affiliation_strings":["H-BRS University of Applied Sciences Ruhr University Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"H-BRS University of Applied Sciences Ruhr University Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5110236021","display_name":"Markus D\u00fcrmuth","orcid":null},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Markus D\u00fcrmuth","raw_affiliation_strings":["Ruhr University Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5037591969","display_name":"Luigi Lo Iacono","orcid":"https://orcid.org/0000-0002-7863-0622"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Luigi Lo Iacono","raw_affiliation_strings":["H-BRS University of Applied Sciences"],"affiliations":[{"raw_affiliation_string":"H-BRS University of Applied Sciences","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5089011300"],"corresponding_institution_ids":["https://openalex.org/I904495901"],"apc_list":null,"apc_paid":null,"fwci":7.2636,"has_fulltext":true,"cited_by_count":35,"citation_normalized_percentile":{"value":0.97498737,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"203","last_page":"218"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11045","display_name":"Privacy, Security, and Data Protection","score":0.9860000014305115,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9858999848365784,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/usability","display_name":"Usability","score":0.8167581558227539},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7154585123062134},{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.6203332543373108},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6007939577102661},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.5458607077598572},{"id":"https://openalex.org/keywords/chip-authentication-program","display_name":"Chip Authentication Program","score":0.5412636995315552},{"id":"https://openalex.org/keywords/login","display_name":"Login","score":0.5220986604690552},{"id":"https://openalex.org/keywords/lightweight-extensible-authentication-protocol","display_name":"Lightweight Extensible Authentication Protocol","score":0.5103892683982849},{"id":"https://openalex.org/keywords/usable","display_name":"USable","score":0.4880913496017456},{"id":"https://openalex.org/keywords/multi-factor-authentication","display_name":"Multi-factor authentication","score":0.4736919403076172},{"id":"https://openalex.org/keywords/challenge\u2013response-authentication","display_name":"Challenge\u2013response authentication","score":0.432179719209671},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.33444273471832275},{"id":"https://openalex.org/keywords/authentication-protocol","display_name":"Authentication protocol","score":0.3004786968231201},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.23943358659744263},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.17439600825309753}],"concepts":[{"id":"https://openalex.org/C170130773","wikidata":"https://www.wikidata.org/wiki/Q216378","display_name":"Usability","level":2,"score":0.8167581558227539},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7154585123062134},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.6203332543373108},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6007939577102661},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.5458607077598572},{"id":"https://openalex.org/C142124187","wikidata":"https://www.wikidata.org/wiki/Q5101471","display_name":"Chip Authentication Program","level":5,"score":0.5412636995315552},{"id":"https://openalex.org/C113324615","wikidata":"https://www.wikidata.org/wiki/Q472302","display_name":"Login","level":2,"score":0.5220986604690552},{"id":"https://openalex.org/C167169670","wikidata":"https://www.wikidata.org/wiki/Q1824705","display_name":"Lightweight Extensible Authentication Protocol","level":4,"score":0.5103892683982849},{"id":"https://openalex.org/C2780615836","wikidata":"https://www.wikidata.org/wiki/Q2471869","display_name":"USable","level":2,"score":0.4880913496017456},{"id":"https://openalex.org/C194699767","wikidata":"https://www.wikidata.org/wiki/Q7878662","display_name":"Multi-factor authentication","level":4,"score":0.4736919403076172},{"id":"https://openalex.org/C131129157","wikidata":"https://www.wikidata.org/wiki/Q1059963","display_name":"Challenge\u2013response authentication","level":4,"score":0.432179719209671},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.33444273471832275},{"id":"https://openalex.org/C21564112","wikidata":"https://www.wikidata.org/wiki/Q4825885","display_name":"Authentication protocol","level":3,"score":0.3004786968231201},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.23943358659744263},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.17439600825309753}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/3427228.3427243","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3427228.3427243","pdf_url":null,"source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2010.00339","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2010.00339","pdf_url":"https://arxiv.org/pdf/2010.00339","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"pmh:oai:pub.h-brs.de:5070","is_oa":true,"landing_page_url":"https://pub.h-brs.de/frontdoor/index/index/docId/5070","pdf_url":"https://pub.h-brs.de/files/5070/Wiefling2020_MoreThanJustGoodPasswords.pdf","source":{"id":"https://openalex.org/S4306400385","display_name":"Publication Server of Bonn-Rhein-Sieg University of Applied Sciences (Bonn-Rhein-Sieg University of Applied Sciences)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I135140700","host_organization_name":"University of Bonn","host_organization_lineage":["https://openalex.org/I135140700"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"36th Annual Computer Security Applications Conference (ACSAC '20). December 07-11, 2020","raw_type":"acceptedVersion"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2010.00339","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2010.00339","pdf_url":"https://arxiv.org/pdf/2010.00339","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.46000000834465027}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":46,"referenced_works":["https://openalex.org/W19399978","https://openalex.org/W1414736817","https://openalex.org/W1522064673","https://openalex.org/W1859657004","https://openalex.org/W1966976587","https://openalex.org/W1980235022","https://openalex.org/W2019380907","https://openalex.org/W2022247893","https://openalex.org/W2048755632","https://openalex.org/W2073342447","https://openalex.org/W2082554729","https://openalex.org/W2087198747","https://openalex.org/W2118739795","https://openalex.org/W2131906261","https://openalex.org/W2142765329","https://openalex.org/W2149929743","https://openalex.org/W2156765389","https://openalex.org/W2171920515","https://openalex.org/W2198321343","https://openalex.org/W2218132318","https://openalex.org/W2281886324","https://openalex.org/W2396652156","https://openalex.org/W2403683365","https://openalex.org/W2410511920","https://openalex.org/W2474664182","https://openalex.org/W2502801113","https://openalex.org/W2503779953","https://openalex.org/W2538793708","https://openalex.org/W2680793898","https://openalex.org/W2740698517","https://openalex.org/W2794591479","https://openalex.org/W2795673503","https://openalex.org/W2810360690","https://openalex.org/W2894247982","https://openalex.org/W2900706516","https://openalex.org/W2905372988","https://openalex.org/W2908161602","https://openalex.org/W2952071009","https://openalex.org/W2963802391","https://openalex.org/W2968548076","https://openalex.org/W2969468676","https://openalex.org/W2969748787","https://openalex.org/W2970454902","https://openalex.org/W3103908128","https://openalex.org/W4294214983","https://openalex.org/W4399411924"],"related_works":["https://openalex.org/W2093798919","https://openalex.org/W2050433615","https://openalex.org/W2907262898","https://openalex.org/W2393298610","https://openalex.org/W2390304521","https://openalex.org/W3022695109","https://openalex.org/W4392012696","https://openalex.org/W4395453412","https://openalex.org/W4253316174","https://openalex.org/W2941888532"],"abstract_inverted_index":{"Risk-based":[0],"Authentication":[1],"(RBA)":[2],"is":[3],"an":[4],"adaptive":[5],"security":[6,55],"measure":[7],"to":[8,31,45],"strengthen":[9],"password-based":[10],"authentication.":[11],"RBA":[12,41,58],"monitors":[13],"additional":[14,33],"features":[15],"during":[16],"login,":[17],"and":[18,53],"when":[19],"observed":[20],"feature":[21],"values":[22],"differ":[23],"significantly":[24],"from":[25],"previously":[26],"seen":[27],"ones,":[28],"users":[29],"have":[30],"provide":[32],"authentication":[34],"factors":[35],"such":[36],"as":[37],"a":[38],"verification":[39],"code.":[40],"has":[42],"the":[43,51,54],"potential":[44],"offer":[46],"more":[47],"usable":[48],"authentication,":[49],"but":[50],"usability":[52],"perceptions":[56],"of":[57],"are":[59],"not":[60],"studied":[61],"well.":[62]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":7},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":8},{"year":2022,"cited_by_count":9},{"year":2021,"cited_by_count":5}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}