@article{WieflingD{\"u}rmuthLo Iacono2021, author = {Wiefling, Stephan and D{\"u}rmuth, Markus and Lo Iacono, Luigi}, title = {Verify It's You: How Users Perceive Risk-based Authentication}, journal = {IEEE Security \& Privacy}, volume = {19}, number = {6}, issn = {1540-7993}, doi = {10.1109/MSEC.2021.3077954}, institution = {Fachbereich Informatik}, pages = {47 -- 57}, year = {2021}, abstract = {Risk-based authentication (RBA) is an adaptive security measure to strengthen password-based authentication against account takeover attacks. Our study on 65 participants shows that users find RBA more usable than two-factor authentication equivalents and more secure than password-only authentication. We identify pitfalls and provide guidelines for putting RBA into practice.}, language = {en} }