{"id":"https://openalex.org/W4366545070","doi":"https://doi.org/10.1145/3577923.3583642","title":"A User Study of Keystroke Dynamics as Second Factor in Web MFA","display_name":"A User Study of Keystroke Dynamics as Second Factor in Web MFA","publication_year":2023,"publication_date":"2023-04-20","ids":{"openalex":"https://openalex.org/W4366545070","doi":"https://doi.org/10.1145/3577923.3583642"},"language":"en","primary_location":{"id":"doi:10.1145/3577923.3583642","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3577923.3583642","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5058428684","display_name":"Ahmed Anu Wahab","orcid":"https://orcid.org/0000-0003-4677-5269"},"institutions":[{"id":"https://openalex.org/I16944753","display_name":"Clarkson University","ror":"https://ror.org/03rwgpn18","country_code":"US","type":"education","lineage":["https://openalex.org/I16944753"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Ahmed Anu Wahab","raw_affiliation_strings":["Clarkson Univeristy, Potsdam, NY, USA"],"affiliations":[{"raw_affiliation_string":"Clarkson Univeristy, Potsdam, NY, USA","institution_ids":["https://openalex.org/I16944753"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5007134697","display_name":"Daqing Hou","orcid":"https://orcid.org/0000-0001-8401-7157"},"institutions":[{"id":"https://openalex.org/I16944753","display_name":"Clarkson University","ror":"https://ror.org/03rwgpn18","country_code":"US","type":"education","lineage":["https://openalex.org/I16944753"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Daqing Hou","raw_affiliation_strings":["Clarkson Univeristy, Potsdam, NY, USA"],"affiliations":[{"raw_affiliation_string":"Clarkson Univeristy, Potsdam, NY, USA","institution_ids":["https://openalex.org/I16944753"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5032143229","display_name":"Stephanie Schuckers","orcid":"https://orcid.org/0000-0002-9365-9642"},"institutions":[{"id":"https://openalex.org/I16944753","display_name":"Clarkson University","ror":"https://ror.org/03rwgpn18","country_code":"US","type":"education","lineage":["https://openalex.org/I16944753"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Stephanie Schuckers","raw_affiliation_strings":["Clarkson Univeristy, Potsdam, NY, USA"],"affiliations":[{"raw_affiliation_string":"Clarkson Univeristy, Potsdam, NY, USA","institution_ids":["https://openalex.org/I16944753"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5058428684"],"corresponding_institution_ids":["https://openalex.org/I16944753"],"apc_list":null,"apc_paid":null,"fwci":4.1235,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.94354782,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"61","last_page":"72"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9757000207901001,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10789","display_name":"Interactive and Immersive Displays","score":0.9728000164031982,"subfield":{"id":"https://openalex.org/subfields/1709","display_name":"Human-Computer Interaction"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/keystroke-dynamics","display_name":"Keystroke dynamics","score":0.9829614758491516},{"id":"https://openalex.org/keywords/login","display_name":"Login","score":0.8945662975311279},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7566056251525879},{"id":"https://openalex.org/keywords/usability","display_name":"Usability","score":0.7308736443519592},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.7282539010047913},{"id":"https://openalex.org/keywords/keystroke-logging","display_name":"Keystroke logging","score":0.7118154764175415},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6681729555130005},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.4826946258544922},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.43091917037963867},{"id":"https://openalex.org/keywords/multi-factor-authentication","display_name":"Multi-factor authentication","score":0.42119282484054565},{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.2849384546279907},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.18982627987861633},{"id":"https://openalex.org/keywords/authentication-protocol","display_name":"Authentication protocol","score":0.17551282048225403}],"concepts":[{"id":"https://openalex.org/C79540074","wikidata":"https://www.wikidata.org/wiki/Q3269465","display_name":"Keystroke dynamics","level":4,"score":0.9829614758491516},{"id":"https://openalex.org/C113324615","wikidata":"https://www.wikidata.org/wiki/Q472302","display_name":"Login","level":2,"score":0.8945662975311279},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7566056251525879},{"id":"https://openalex.org/C170130773","wikidata":"https://www.wikidata.org/wiki/Q216378","display_name":"Usability","level":2,"score":0.7308736443519592},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.7282539010047913},{"id":"https://openalex.org/C161615301","wikidata":"https://www.wikidata.org/wiki/Q309396","display_name":"Keystroke logging","level":2,"score":0.7118154764175415},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6681729555130005},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.4826946258544922},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.43091917037963867},{"id":"https://openalex.org/C194699767","wikidata":"https://www.wikidata.org/wiki/Q7878662","display_name":"Multi-factor authentication","level":4,"score":0.42119282484054565},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.2849384546279907},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.18982627987861633},{"id":"https://openalex.org/C21564112","wikidata":"https://www.wikidata.org/wiki/Q4825885","display_name":"Authentication protocol","level":3,"score":0.17551282048225403},{"id":"https://openalex.org/C4957475","wikidata":"https://www.wikidata.org/wiki/Q242186","display_name":"S/KEY","level":3,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3577923.3583642","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3577923.3583642","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.6299999952316284,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":15,"referenced_works":["https://openalex.org/W1487941708","https://openalex.org/W2030112111","https://openalex.org/W2093598585","https://openalex.org/W2107589078","https://openalex.org/W2136928336","https://openalex.org/W2149929743","https://openalex.org/W2498606951","https://openalex.org/W2787175445","https://openalex.org/W2787281119","https://openalex.org/W2795386701","https://openalex.org/W2888706360","https://openalex.org/W2979051136","https://openalex.org/W3037560939","https://openalex.org/W3199069885","https://openalex.org/W4224061638"],"related_works":["https://openalex.org/W2041122112","https://openalex.org/W2052279280","https://openalex.org/W3094144434","https://openalex.org/W2159333170","https://openalex.org/W3169822312","https://openalex.org/W274642192","https://openalex.org/W2095735921","https://openalex.org/W2545016324","https://openalex.org/W4283259439","https://openalex.org/W2982224826"],"abstract_inverted_index":{"As":[0],"account":[1,120,149,214,230],"compromises":[2],"and":[3,23,57,119,122,148,209,225,229],"malicious":[4],"online":[5],"attacks":[6],"are":[7,27],"on":[8,86,136],"the":[9,32,49,54,61,87,93,113,137,160,220,241,253],"rise,":[10],"multi-factor":[11],"authentication":[12,50,55,66,110,200,221],"(MFA)":[13],"has":[14,98],"been":[15,83,100],"adopted":[16,34],"to":[17,48,69,145,248,252],"defend":[18],"against":[19],"these":[20],"attacks.":[21],"OTP":[22,206,212,247],"mobile":[24],"push":[25],"notification":[26],"just":[28],"two":[29],"examples":[30],"of":[31,89,95,116,205,211,243],"popularly":[33],"MFA":[35,38,73,91,172],"factors.":[36],"Although":[37],"improve":[39],"security,":[40],"they":[41],"also":[42,153],"add":[43],"additional":[44,128],"steps":[45],"or":[46],"hardware":[47],"process,":[51,163],"thus":[52],"increasing":[53,75],"time":[56,222],"introducing":[58],"friction.":[59,79],"On":[60],"other":[62,90,170],"hand,":[63],"keystroke":[64,96,124,179,197,244],"dynamics-based":[65],"is":[67,181],"believed":[68],"be":[70,249],"a":[71,108,133,155],"promising":[72],"for":[74,158,184,227],"security":[76,193],"while":[77,190],"reducing":[78],"While":[80],"there":[81],"have":[82,106,152,239],"several":[84],"studies":[85],"usability":[88,94],"factors,":[92],"dynamics":[97,125,180,198,245],"not":[99,182],"studied.":[101],"To":[102],"this":[103],"end,":[104],"we":[105],"built":[107],"web":[109],"system":[111,138],"with":[112,246],"standard":[114],"features":[115],"signup,":[117,146],"login":[118,147,208,228],"recovery,":[121,215],"integrated":[123],"as":[126],"an":[127,234],"factor.":[129],"We":[130,151],"then":[131],"conducted":[132],"user":[134,161],"study":[135,187],"where":[139],"20":[140],"participants":[141,238],"completed":[142],"tasks":[143],"related":[144],"recovery.":[150],"evaluated":[154],"new":[156],"approach":[157],"completing":[159],"enrollment":[162],"which":[164,216],"reduces":[165,199,219],"friction":[166,201],"by":[167,202,223],"naturally":[168],"employing":[169],"alternative":[171],"factors":[173],"(OTP":[174],"in":[175,217],"our":[176],"study)":[177],"when":[178],"ready":[183],"use.":[185],"Our":[186],"shows":[188],"that":[189],"maintaining":[191],"strong":[192],"(0%":[194],"FPR),":[195],"adding":[196],"avoiding":[203],"66.3%":[204],"at":[207,213],"85.8%":[210],"turn":[218],"63.3%":[224],"78.9%":[226],"recovery":[231],"respectively.":[232],"Through":[233],"exit":[235],"survey,":[236],"all":[237],"rated":[240],"integration":[242],"more":[250],"preferable":[251],"conventional":[254],"OTP-only":[255],"authentication.":[256]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}