Social Authentication Vulnerabilities, Mitigations, and Redesign
Marco Lancini
published in Magdeburger Journal zur Sicherheitsforschung (2014, #8, p. 476-492)
High-value services have introduced two-factor authentication to prevent adversaries from compromising accounts using stolen credentials. Facebook has recently released a two-factor authentication mechanism, referred to as Social Authentication (SA). We designed and implemented an automated system able to break the SA, to demonstrate the feasibility of carrying out large-scale attacks against social authentication with minimal effort on behalf of an attacker. We then revisit the SA concept and propose reSA, a two-factor authentication scheme that can be easily solved by humans but is robust against face-recognition software. This article appears in the special edition „In Depth Security – Proceedings of the DeepSec Conferences“. Edited by Stefan Schumacher and René Pfeiffer
BibTeX entry for mjs:Lancini:SocAuth
@article{mjs:Lancini:SocAuth,
  author = {Marco Lancini},
  title = {Social Authentication},
  subtitle = {Vulnerabilities, Mitigations, and Redesign},
  pages = {476-492},
  year = {2014},
  journaltitle = {Magdeburger Journal zur Sicherheitsforschung},
  issn = {2192-4260},
  url = {https://d-nb.info/1066142327/34},
  codeberg = {https://codeberg.org/0xKaishakunin/Publikationen/src/branch/main/MagdeburgerJournalSicherheitsforschung/MJS_032_Lancini_SocialAuthentication.pdf},
  issue = {2},
  volume = {8},
  urldate = {2014-11-13},
  keywords = {ds15,mjsarticle,2fa,two-factor authentication},
  abstract = {High-value services have introduced two-factor authentication to prevent adversaries from compromising accounts using stolen credentials. Facebook has recently released a two-factor authentication mechanism, referred to as Social Authentication (SA). We designed and implemented an automated system able to break the SA, to demonstrate the feasibility of carrying out large-scale attacks against social authentication with minimal effort on behalf of an attacker. We then revisited the SA concept and propose reSA, a two-factor authentication scheme that can be easily solved by humans but is robust against face-recognition software. This article appears in the special edition „In Depth Security – Proceedings of the DeepSec Conferences“. Edited by Stefan Schumacher and René Pfeiffer},
}
AsciiDoc citation commands
1. citenp:[mjs:Lancini:SocAuth]
2. cite:[mjs:Lancini:SocAuth]
3. bibitem[mjs:Lancini:SocAuth]
LaTeX citation commands
1. \textcite{mjs:Lancini:SocAuth}
2. \parencite{mjs:Lancini:SocAuth}
3. \cite{mjs:Lancini:SocAuth}
generated at Mon May 12 10:48:34 2025