{"id":"https://openalex.org/W2124689666","doi":"https://doi.org/10.3233/jcs-2010-0412","title":"Leveraging personal devices for stronger password authentication from untrusted computers","display_name":"Leveraging personal devices for stronger password authentication from untrusted computers","publication_year":2011,"publication_date":"2011-06-20","ids":{"openalex":"https://openalex.org/W2124689666","doi":"https://doi.org/10.3233/jcs-2010-0412","mag":"2124689666"},"language":"en","primary_location":{"id":"doi:10.3233/jcs-2010-0412","is_oa":false,"landing_page_url":"https://doi.org/10.3233/jcs-2010-0412","pdf_url":null,"source":{"id":"https://openalex.org/S106992369","display_name":"Journal of Computer Security","issn_l":"0926-227X","issn":["0926-227X","1875-8924"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310318577","host_organization_name":"IOS Press","host_organization_lineage":["https://openalex.org/P4310318577"],"host_organization_lineage_names":["IOS Press"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Computer Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5055898168","display_name":"Mohammad Mannan","orcid":"https://orcid.org/0000-0002-9630-5858"},"institutions":[{"id":"https://openalex.org/I185261750","display_name":"University of Toronto","ror":"https://ror.org/03dbr7087","country_code":"CA","type":"education","lineage":["https://openalex.org/I185261750"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Mohammad Mannan","raw_affiliation_strings":["Department of Electrical and Computer Engineering, University of Toronto, Toronto, ON, Canada","(Correspd. E-mail: m.mannan@utoronto.ca) Department of Electrical and Computer Engineering, University of Toronto, Toronto, ON, Canada#TAB#"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, University of Toronto, Toronto, ON, Canada","institution_ids":["https://openalex.org/I185261750"]},{"raw_affiliation_string":"(Correspd. E-mail: m.mannan@utoronto.ca) Department of Electrical and Computer Engineering, University of Toronto, Toronto, ON, Canada#TAB#","institution_ids":["https://openalex.org/I185261750"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5011846293","display_name":"Paul C. van Oorschot","orcid":"https://orcid.org/0000-0002-5038-5370"},"institutions":[{"id":"https://openalex.org/I67031392","display_name":"Carleton University","ror":"https://ror.org/02qtvee93","country_code":"CA","type":"education","lineage":["https://openalex.org/I67031392"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"P.C. van Oorschot","raw_affiliation_strings":["School of Computer Science, Carleton University, Ottawa, ON, Canada"],"affiliations":[{"raw_affiliation_string":"School of Computer Science, Carleton University, Ottawa, ON, Canada","institution_ids":["https://openalex.org/I67031392"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5055898168"],"corresponding_institution_ids":["https://openalex.org/I185261750"],"apc_list":null,"apc_paid":null,"fwci":12.9853,"has_fulltext":false,"cited_by_count":42,"citation_normalized_percentile":{"value":0.98390534,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":"19","issue":"4","first_page":"703","last_page":"750"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.8162159323692322},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7756209373474121},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6564825773239136},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.586241602897644},{"id":"https://openalex.org/keywords/email-authentication","display_name":"Email authentication","score":0.5360287427902222},{"id":"https://openalex.org/keywords/one-time-password","display_name":"One-time password","score":0.5014991760253906},{"id":"https://openalex.org/keywords/phishing","display_name":"Phishing","score":0.4834914803504944},{"id":"https://openalex.org/keywords/usability","display_name":"Usability","score":0.45548194646835327},{"id":"https://openalex.org/keywords/chip-authentication-program","display_name":"Chip Authentication Program","score":0.45469987392425537},{"id":"https://openalex.org/keywords/database-transaction","display_name":"Database transaction","score":0.44978204369544983},{"id":"https://openalex.org/keywords/personally-identifiable-information","display_name":"Personally identifiable information","score":0.4421798586845398},{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.41363441944122314},{"id":"https://openalex.org/keywords/multi-factor-authentication","display_name":"Multi-factor authentication","score":0.41043272614479065},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.4092809855937958},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.40883398056030273},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.3232288360595703},{"id":"https://openalex.org/keywords/authentication-protocol","display_name":"Authentication protocol","score":0.25924450159072876},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.12656170129776},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.09666708111763}],"concepts":[{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.8162159323692322},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7756209373474121},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6564825773239136},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.586241602897644},{"id":"https://openalex.org/C550791530","wikidata":"https://www.wikidata.org/wiki/Q5368811","display_name":"Email authentication","level":5,"score":0.5360287427902222},{"id":"https://openalex.org/C89479133","wikidata":"https://www.wikidata.org/wiki/Q1137840","display_name":"One-time password","level":3,"score":0.5014991760253906},{"id":"https://openalex.org/C83860907","wikidata":"https://www.wikidata.org/wiki/Q135005","display_name":"Phishing","level":3,"score":0.4834914803504944},{"id":"https://openalex.org/C170130773","wikidata":"https://www.wikidata.org/wiki/Q216378","display_name":"Usability","level":2,"score":0.45548194646835327},{"id":"https://openalex.org/C142124187","wikidata":"https://www.wikidata.org/wiki/Q5101471","display_name":"Chip Authentication Program","level":5,"score":0.45469987392425537},{"id":"https://openalex.org/C75949130","wikidata":"https://www.wikidata.org/wiki/Q848010","display_name":"Database transaction","level":2,"score":0.44978204369544983},{"id":"https://openalex.org/C169093310","wikidata":"https://www.wikidata.org/wiki/Q3702971","display_name":"Personally identifiable information","level":2,"score":0.4421798586845398},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.41363441944122314},{"id":"https://openalex.org/C194699767","wikidata":"https://www.wikidata.org/wiki/Q7878662","display_name":"Multi-factor authentication","level":4,"score":0.41043272614479065},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.4092809855937958},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.40883398056030273},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.3232288360595703},{"id":"https://openalex.org/C21564112","wikidata":"https://www.wikidata.org/wiki/Q4825885","display_name":"Authentication protocol","level":3,"score":0.25924450159072876},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.12656170129776},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.09666708111763}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.3233/jcs-2010-0412","is_oa":false,"landing_page_url":"https://doi.org/10.3233/jcs-2010-0412","pdf_url":null,"source":{"id":"https://openalex.org/S106992369","display_name":"Journal of Computer Security","issn_l":"0926-227X","issn":["0926-227X","1875-8924"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310318577","host_organization_name":"IOS Press","host_organization_lineage":["https://openalex.org/P4310318577"],"host_organization_lineage_names":["IOS Press"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Computer Security","raw_type":"journal-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.158.5942","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.158.5942","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.scs.carleton.ca/~paulv/papers/jcs-mpauth-submitted.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":55,"referenced_works":["https://openalex.org/W17439628","https://openalex.org/W88813478","https://openalex.org/W215137156","https://openalex.org/W312335232","https://openalex.org/W1488792172","https://openalex.org/W1498527206","https://openalex.org/W1534362546","https://openalex.org/W1542059364","https://openalex.org/W1543512222","https://openalex.org/W1562037230","https://openalex.org/W1575543897","https://openalex.org/W1588982178","https://openalex.org/W1596075621","https://openalex.org/W1596153847","https://openalex.org/W1607915502","https://openalex.org/W1729172517","https://openalex.org/W1957415375","https://openalex.org/W1964615470","https://openalex.org/W1992506132","https://openalex.org/W1994386233","https://openalex.org/W2019017059","https://openalex.org/W2038019800","https://openalex.org/W2078483465","https://openalex.org/W2095610745","https://openalex.org/W2096867800","https://openalex.org/W2096938398","https://openalex.org/W2097443909","https://openalex.org/W2101834106","https://openalex.org/W2110495618","https://openalex.org/W2113167642","https://openalex.org/W2116897550","https://openalex.org/W2117064875","https://openalex.org/W2117882778","https://openalex.org/W2121753509","https://openalex.org/W2125927592","https://openalex.org/W2127070727","https://openalex.org/W2128934745","https://openalex.org/W2129289277","https://openalex.org/W2129768690","https://openalex.org/W2131906261","https://openalex.org/W2132324287","https://openalex.org/W2134909295","https://openalex.org/W2157242295","https://openalex.org/W2161125959","https://openalex.org/W2163349039","https://openalex.org/W2165214731","https://openalex.org/W2165433201","https://openalex.org/W2165477067","https://openalex.org/W2167804035","https://openalex.org/W2168277905","https://openalex.org/W2301557564","https://openalex.org/W2307915592","https://openalex.org/W2514862040","https://openalex.org/W2992621200","https://openalex.org/W4285719527"],"related_works":["https://openalex.org/W1483112216","https://openalex.org/W2393298610","https://openalex.org/W2943527182","https://openalex.org/W2610546334","https://openalex.org/W2558166637","https://openalex.org/W4367058015","https://openalex.org/W4200155052","https://openalex.org/W4385414233","https://openalex.org/W2094306508","https://openalex.org/W4324137348"],"abstract_inverted_index":{"Internet":[0],"authentication":[1,174],"for":[2,34,96],"popular":[3],"end-user":[4,20],"transactions,":[5,36],"such":[6,49,72],"as":[7],"online":[8],"banking":[9],"and":[10,44,51,62,86,151],"e-commerce,":[11],"continues":[12,92],"to":[13,25,38,42,57,70,93,105,127,143,147,164],"be":[14,94,152,186],"dominated":[15],"by":[16],"passwords":[17,145],"entered":[18],"through":[19,115],"PCs.":[21],"Most":[22],"users":[23,142],"continue":[24],"prefer":[26],"(typically":[27],"untrusted)":[28],"PCs":[29],"over":[30],"smaller":[31],"personal":[32,118,149],"devices":[33],"actual":[35],"due":[37],"usability":[39],"features":[40],"related":[41],"keyboard":[43],"screen":[45],"size.":[46],"However,":[47],"most":[48,97],"transactions":[50,156],"their":[52],"underlying":[53],"protocols":[54],"are":[55],"vulnerable":[56],"attacks":[58],"including":[59],"keylogging,":[60],"phishing":[61],"pharming.":[63],"We":[64],"propose":[65],"Mobile":[66],"Password":[67],"Authentication":[68],"(MP-Auth)":[69],"counter":[71],"attacks,":[73],"which":[74,123],"cryptographically":[75],"separates":[76],"a":[77,121,148,162,169],"user's":[78,110],"long-term":[79,111],"secret":[80,112],"input":[81,114,144],"from":[82,157],"the":[83,99,109,128,134,158],"client":[84],"PC,":[85],"offers":[87],"transaction":[88],"integrity.":[89],"The":[90],"PC":[91,129],"used":[95],"of":[98,172,181,187],"interaction":[100],"but":[101],"has":[102],"access":[103],"only":[104,130,146],"temporary":[106],"secrets,":[107],"while":[108,154],"is":[113],"an":[116,178],"independent":[117,188],"device,":[119,150],"e.g.,":[120],"cellphone":[122],"makes":[124],"it":[125],"available":[126],"after":[131],"encryption":[132],"under":[133],"intended":[135],"far-end":[136],"recipient's":[137],"public":[138],"key.":[139],"MP-Auth":[140],"expects":[141],"vigilant":[153],"confirming":[155],"device.":[159],"To":[160],"facilitate":[161],"comparison":[163],"MP-Auth,":[165],"we":[166],"also":[167],"provide":[168],"comprehensive":[170],"survey":[171,184],"web":[173],"techniques":[175],"that":[176],"use":[177],"additional":[179],"factor":[180],"authentication;":[182],"this":[183],"may":[185],"interest.":[189]},"counts_by_year":[{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":3},{"year":2018,"cited_by_count":4},{"year":2017,"cited_by_count":4},{"year":2016,"cited_by_count":3},{"year":2015,"cited_by_count":5},{"year":2014,"cited_by_count":9},{"year":2013,"cited_by_count":3},{"year":2012,"cited_by_count":2}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}