乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,4,19]],"date-time":"2025-04-19T13:09:01Z","timestamp":1745068141276,"version":"3.37.3"},"reference-count":66,"publisher":"Association for Computing Machinery (ACM)","issue":"5","funder":[{"name":"Horst G\u00f6rtz Foundation, by the Deutsche Forschungsgemeinschaft","award":["251805230\/GRK 2050; 326979514\/3DIA"]},{"name":"JST CREST","award":["JPMJCR16E1"]},{"DOI":"10.13039\/501100000266","name":"Engineering and Physical Sciences Research Council","doi-asserted-by":"crossref","award":["EP\/V008870\/1"],"id":[{"id":"10.13039\/501100000266","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Comput.-Hum. Interact."],"published-print":{"date-parts":[[2022,10,31]]},"abstract":"Two-factor authentication (2FA) is a recommended or imposed authentication mechanism for valuable online assets. However, 2FA mechanisms usually exhibit user experience issues that create user friction and even lead to poor acceptance, hampering the wider spread of 2FA. In this article, we investigate user perceptions of 2FA through in-depth interviews with 42 participants, revealing key requirements that are not well met today despite recently emerged 2FA solutions. First, we investigate past experiences with authentication mechanisms emphasizing problems and aspects that hamper good user experience. Second, we investigate the different authentication factors more closely. Our results reveal particularly interesting preferences regarding the authentication factor \u201cownership\u201d in terms of properties, physical realizations, and interaction. These findings suggest a path toward 2FA mechanisms with considerably better user experience, promising to improve the acceptance and hence, the proliferation of 2FA for the benefit of security in the digital world.<\/jats:p>","DOI":"10.1145\/3503514","type":"journal-article","created":{"date-parts":[[2022,2,24]],"date-time":"2022-02-24T17:28:35Z","timestamp":1645723715000},"page":"1-32","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":19,"title":["\u201cNah, it\u2019s just annoying!\u201d A Deep Dive into User Perceptions of Two-Factor Authentication"],"prefix":"10.1145","volume":"29","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7129-9642","authenticated-orcid":false,"given":"Karola","family":"Marky","sequence":"first","affiliation":[{"name":"University of Glasgow, Scotland, Technical University of Darmstadt, Germany, Keio University, Japan"}]},{"given":"Kirill","family":"Ragozin","sequence":"additional","affiliation":[{"name":"Keio University, Kohoku-ku Yokohama, Japan"}]},{"given":"George","family":"Chernyshov","sequence":"additional","affiliation":[{"name":"Keio University, Kohoku-ku Yokohama, Japan"}]},{"given":"Andrii","family":"Matviienko","sequence":"additional","affiliation":[{"name":"Technical University of Darmstadt, Darmstadt, Germany"}]},{"given":"Martin","family":"Schmitz","sequence":"additional","affiliation":[{"name":"Technical University of Darmstadt, Darmstadt, Germany"}]},{"given":"Max","family":"M\u00fchlh\u00e4user","sequence":"additional","affiliation":[{"name":"Technical University of Darmstadt, Darmstadt, Germany"}]},{"given":"Chloe","family":"Eghtebas","sequence":"additional","affiliation":[{"name":"Technical University of Munich, Garching bei M\u00fcnchen, Germany"}]},{"given":"Kai","family":"Kunze","sequence":"additional","affiliation":[{"name":"Keio University, Kohoku-ku Yokohama, Japan"}]}],"member":"320","published-online":{"date-parts":[[2022,10,20]]},"reference":[{"key":"e_1_3_5_2_2","doi-asserted-by":"publisher","DOI":"10.1145\/3313831.3376457"},{"key":"e_1_3_5_3_2","doi-asserted-by":"publisher","DOI":"10.1177\/1541931218621262"},{"key":"e_1_3_5_4_2","doi-asserted-by":"publisher","DOI":"10.1080\/10447318.2017.1306765"},{"key":"e_1_3_5_5_2","series-title":"Proceedings of the USENIX Workshop on Offensive Technologies","first-page":"1","volume":"10","author":"Aviv Adam J.","year":"2010","unstructured":"Adam J. Aviv, Katherine L. Gibson, Evan Mossop, Matt Blaze, and Jonathan M. Smith. 2010. Smudge attacks on smartphone touch screens. In Proceedings of the USENIX Workshop on Offensive Technologies(Woot, Vol. 10). USENIX Association, 1\u20137."},{"key":"e_1_3_5_6_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.44"},{"key":"e_1_3_5_7_2","unstructured":"Clarke Victoria Virginia Braun and Nikki Hayfield. 2015. Thematic analysis. Qualitative Psychology: A Practical Guide to Research Methods 222 (2015) 248."},{"key":"e_1_3_5_8_2","first-page":"339","volume-title":"Proceedings of the Symposium on Usable Privacy and Security (SOUPS)","author":"Ciolino St\u00e9phane","year":"2019","unstructured":"St\u00e9phane Ciolino, Simon Parkin, and Paul Dunphy. 2019. Of two minds about two-factor: Understanding everyday FIDO U2F usability through device comparison and experience sampling. In Proceedings of the Symposium on Usable Privacy and Security (SOUPS). USENIX Association, 339\u2013356. Retrieved from https:\/\/www.usenix.org\/conference\/soups2019\/presentation\/ciolino."},{"key":"e_1_3_5_9_2","doi-asserted-by":"publisher","DOI":"10.1177\/001316446002000104"},{"key":"e_1_3_5_10_2","doi-asserted-by":"publisher","DOI":"10.1145\/3173574.3174030"},{"key":"e_1_3_5_11_2","unstructured":"European Commission. 2016. Payment Services (PSD 2) - Directive (EU) 2015\/2366. (August 2020). Retrieved August 22 2020 from https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=CELEX:32015L2366."},{"key":"e_1_3_5_12_2","first-page":"1","article-title":"Fido nfc protocol specification v1. 0","author":"Czeskis Alexei","year":"2015","unstructured":"Alexei Czeskis and Juan Lang. 2015. Fido nfc protocol specification v1. 0. FIDO Alliance Proposed Standard (2015), 1\u20135. https:\/\/fidoalliance.org\/specs\/fido-u2f-v1.2-ps-20170411\/fido-u2f-nfc-protocol-v1.2-ps-20170411.html.","journal-title":"FIDO Alliance Proposed Standard"},{"key":"e_1_3_5_13_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-58387-6_9"},{"key":"e_1_3_5_14_2","first-page":"1","volume-title":"Proceedings of the SIGCHI Workshop on Designing Interactions for the Ageing Populations - Addressing Global Challenges","author":"Das Sanchari","year":"2020","unstructured":"Sanchari Das, Andrew Kim, Ben Jelen, Joshua Streiff, L. Jean Camp, and Lesa Huber. 2020. Why don\u2019t older adults adopt two-factor authentication?. In Proceedings of the SIGCHI Workshop on Designing Interactions for the Ageing Populations - Addressing Global Challenges. SSRN, 1\u20135."},{"key":"e_1_3_5_15_2","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660271"},{"key":"e_1_3_5_16_2","doi-asserted-by":"publisher","DOI":"10.1145\/2675133.2675225"},{"key":"e_1_3_5_17_2","doi-asserted-by":"publisher","DOI":"10.1145\/3167996.3167997"},{"key":"e_1_3_5_18_2","doi-asserted-by":"publisher","DOI":"10.1016\/B978-0-12-374457-9.00025-1"},{"key":"e_1_3_5_19_2","doi-asserted-by":"publisher","DOI":"10.14722\/usec.2014.23025"},{"key":"e_1_3_5_20_2","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSPW.2019.00020"},{"key":"e_1_3_5_21_2","doi-asserted-by":"publisher","DOI":"10.1145\/3025453.3025636"},{"key":"e_1_3_5_22_2","doi-asserted-by":"publisher","DOI":"10.1145\/3473856.3474006"},{"key":"e_1_3_5_23_2","doi-asserted-by":"publisher","DOI":"10.1080\/10447318.2018.1456150"},{"key":"e_1_3_5_24_2","first-page":"268","volume-title":"Proceeedings of the IEEE Symposium on Security and Privacy (SP)","author":"Lyastani S. Ghorbani","year":"2020","unstructured":"S. Ghorbani Lyastani, M. Schilling, M. Neumayr, M. Backes, and S. Bugiel. 2020. Is FIDO2 the kingslayer of user authentication? A comparative usability study of FIDO2 passwordless authentication. In Proceeedings of the IEEE Symposium on Security and Privacy (SP). IEEE, 268\u2013285."},{"key":"e_1_3_5_25_2","first-page":"109","volume-title":"Proceedings of the 30th USENIX Security Symposium (USENIX Security 21)","author":"Golla Maximilian","year":"2021","unstructured":"Maximilian Golla, Grant Ho, Marika Lohmus, Monica Pulluri, and Elissa M. Redmiles. 2021. Driving 2FA adoption at scale: Optimizing two-factor authentication notification design patterns. In Proceedings of the 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 109\u2013126."},{"key":"e_1_3_5_26_2","volume-title":"Digital Identity Guidelines [Including Updates as of 12-01-2017]","author":"Grassi Paul A.","year":"2017","unstructured":"Paul A. Grassi, James L. Fenton, and Michael E. Garcia. 2017. Digital Identity Guidelines [Including Updates as of 12-01-2017]. Technical Report. NIST Special Publication 800-63-3."},{"key":"e_1_3_5_27_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2010.12.001"},{"key":"e_1_3_5_28_2","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2011.150"},{"key":"e_1_3_5_29_2","unstructured":"Auth0 Inc.2021. OAuth 2 Standard Documentation. (October 2021). Retrieved October 31 2021 from https:\/\/auth0.com\/docs\/."},{"key":"e_1_3_5_30_2","doi-asserted-by":"publisher","DOI":"10.1145\/1753326.1753384"},{"key":"e_1_3_5_31_2","doi-asserted-by":"publisher","DOI":"10.1145\/1837110.1837118"},{"key":"e_1_3_5_32_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-31500-9_7"},{"key":"e_1_3_5_33_2","first-page":"483","volume-title":"Proceedings of the USENIX Security Symposium (USENIX Security\u201915)","author":"Karapanos Nikolaos","year":"2015","unstructured":"Nikolaos Karapanos, Claudio Marforio, Claudio Soriente, and Srdjan Capkun. 2015. Sound-proof: Usable two-factor authentication based on ambient sound. In Proceedings of the USENIX Security Symposium (USENIX Security\u201915). USENIX Association, 483\u2013498."},{"key":"e_1_3_5_34_2","doi-asserted-by":"publisher","DOI":"10.1145\/3313831.3376840"},{"key":"e_1_3_5_35_2","doi-asserted-by":"publisher","DOI":"10.1145\/3210240.3210317"},{"key":"e_1_3_5_36_2","doi-asserted-by":"publisher","DOI":"10.14722\/usec.2015.23001"},{"key":"e_1_3_5_37_2","first-page":"422","volume-title":"Proceedings of the International Conference on Financial Cryptography and Data Security","author":"Lang Juan","year":"2016","unstructured":"Juan Lang, Alexei Czeskis, Dirk Balfanz, Marius Schilder, and Sampath Srinivas. 2016. Security keys: Practical cryptographic second factors for the modern web. In Proceedings of the International Conference on Financial Cryptography and Data Security. Springer, 422\u2013440."},{"key":"e_1_3_5_38_2","doi-asserted-by":"publisher","DOI":"10.1145\/2948618.2948627"},{"key":"e_1_3_5_39_2","doi-asserted-by":"publisher","DOI":"10.1007\/s00779-016-0928-6"},{"key":"e_1_3_5_40_2","doi-asserted-by":"publisher","DOI":"10.1145\/3313831.3376189"},{"key":"e_1_3_5_41_2","doi-asserted-by":"publisher","DOI":"10.1145\/3359174"},{"key":"e_1_3_5_42_2","doi-asserted-by":"publisher","DOI":"10.1145\/2212776.2223842"},{"key":"e_1_3_5_43_2","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2003.819611"},{"key":"e_1_3_5_44_2","doi-asserted-by":"publisher","DOI":"10.14722\/USEC.2016.23003"},{"key":"e_1_3_5_45_2","doi-asserted-by":"publisher","DOI":"10.1108\/ACI-12-2020-0156"},{"key":"e_1_3_5_46_2","volume-title":"Proceedings of the 15th Symposium on Usable Privacy and Security (SOUPS 2019)","author":"Reese Ken","year":"2019","unstructured":"Ken Reese, Trevor Smith, Jonathan Dutson, Jonathan Armknecht, Jacob Cameron, and Kent Seamons. 2019. A usability study of five two-factor authentication methods. In Proceedings of the 15th Symposium on Usable Privacy and Security (SOUPS 2019). USENIX Association."},{"key":"e_1_3_5_47_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00067"},{"key":"e_1_3_5_48_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2691658"},{"key":"e_1_3_5_49_2","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2014.4"},{"key":"e_1_3_5_50_2","doi-asserted-by":"publisher","DOI":"10.1145\/3173574.3173756"},{"key":"e_1_3_5_51_2","unstructured":"DUO Security. 2019. Security Tokens. (August 2020). Retrieved August 22 2020 from https:\/\/duo.com\/product\/trusted-users\/two-factor-authentication\/authentication-methods\/security-tokens."},{"key":"e_1_3_5_52_2","doi-asserted-by":"publisher","DOI":"10.1145\/2594368.2594375"},{"key":"e_1_3_5_53_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-25867-1_6"},{"key":"e_1_3_5_54_2","unstructured":"Statista. 2018. Cybersecurity & Cloud 2018. (September 2020). Retrieved September 1 2020 from https:\/\/de.statista.com\/statistik\/studie\/id\/58204\/dokument\/cybersecurity-und-cloud\/."},{"key":"e_1_3_5_55_2","first-page":"243","volume-title":"Proceedings of the Symposium on Usable Privacy and Security (SOUPS)","author":"Stobert Elizabeth","year":"2014","unstructured":"Elizabeth Stobert and Robert Biddle. 2014. The password life cycle: User behaviour in managing passwords. In Proceedings of the Symposium on Usable Privacy and Security (SOUPS). USENIX Association, 243\u2013255."},{"key":"e_1_3_5_56_2","doi-asserted-by":"publisher","DOI":"10.1145\/1143120.1143128"},{"key":"e_1_3_5_57_2","unstructured":"Christian Tiefenau Maximilian H\u00e4ring Mohamed Khamis and Emanuel von Zezschwitz. 2019. \u201cPlease enter your PIN\u201d\u2013on the risk of bypass attacks on biometric authentication on mobile devices. arXiv:1911.07692. Retrieved from https:\/\/arxiv.org\/abs\/1911.07692."},{"key":"e_1_3_5_58_2","first-page":"123","volume-title":"Proceedings of the Symposium on Usable Privacy and Security (SOUPS)","author":"Ur Blase","year":"2015","unstructured":"Blase Ur, Fumiko Noma, Jonathan Bees, Sean M. Segreti, Richard Shay, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor. 2015. \u201cI Added\u2019!\u2019at the end to make it secure\u201d: Observing password creation in the lab. In Proceedings of the Symposium on Usable Privacy and Security (SOUPS). USENIX Association, 123\u2013140."},{"key":"e_1_3_5_59_2","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2012.2215877"},{"key":"e_1_3_5_60_2","first-page":"175","volume-title":"Proceedings of the Symposium on Usable Privacy and Security (SOUPS)","author":"Wash Rick","year":"2016","unstructured":"Rick Wash, Emilee Rader, Ruthie Berman, and Zac Wellmer. 2016. Understanding password choices: How frequently entered passwords are re-used across websites. In Proceedings of the Symposium on Usable Privacy and Security (SOUPS). USENIX Association, 175\u2013188."},{"key":"e_1_3_5_61_2","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134629"},{"key":"e_1_3_5_62_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2008.09.008"},{"key":"e_1_3_5_63_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.intcom.2009.10.001"},{"key":"e_1_3_5_64_2","unstructured":"Yubico. 2019. YubiKey NEO. (August 2020). Retrieved August 22 2020 from https:\/\/support.yubico.com\/support\/solutions\/articles\/15000006494-yubikey-neo."},{"key":"e_1_3_5_65_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-58460-7_18"},{"key":"e_1_3_5_66_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijhcs.2019.08.006"},{"key":"e_1_3_5_67_2","doi-asserted-by":"publisher","DOI":"10.1108\/ICS-01-2019-0020"}],"container-title":["ACM Transactions on Computer-Human Interaction"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3503514","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,2]],"date-time":"2023-01-02T01:39:04Z","timestamp":1672623544000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3503514"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,20]]},"references-count":66,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2022,10,31]]}},"alternative-id":["10.1145\/3503514"],"URL":"https:\/\/doi.org\/10.1145\/3503514","relation":{},"ISSN":["1073-0516","1557-7325"],"issn-type":[{"type":"print","value":"1073-0516"},{"type":"electronic","value":"1557-7325"}],"subject":[],"published":{"date-parts":[[2022,10,20]]},"assertion":[{"value":"2020-12-07","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2021-12-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2022-10-20","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}