Security Analysis of Email Systems

Li, Tianlin; Mehta, A.; Yang, Ping

doi:10.1109/cscloud.2017.20

Cited by 7 publications

(2 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This attitude by public leads to a tension between data privacy and the reality of cultural sharing. One of the main recommendations that we can learn from our study is that organizations, such as banks (Kaur et al 2020;Murdoch and Anderson 2010), email service providers (Li, Mehta, and Yang 2017;Al Maqbali and Mitchell 2018), wireless carriers (Lee et al 2020), that still consider DOB sensitive information should withdraw from using it as a part of their authentication system. Users should also not incorporate their birthdays into constructed passwords.…”

Section: Authentication Question Vs Celebrationmentioning

confidence: 98%

“…Usage of DOB should especially be avoided since it is considered easily discoverable information (OPC 2016), especially with the spread of social media (Rabkin 2008;Irani et al 2011). Even with these warnings, some organizations such as banks (Kaur et al 2020;Murdoch and Anderson 2010;Smyth 2010), wireless carriers (Lee et al 2020), and email service providers (Li, Mehta, and Yang 2017;Al Maqbali and Mitchell 2018) still use DOB while authenticating users.…”

Section: Birth Dates In the Authentication Processmentioning

confidence: 99%

See 1 more Smart Citation

From an Authentication Question to a Public Social Event: Characterizing Birthday Sharing on Twitter

Keküllüoğlu

Magdy

Vaniea

2022

ICWSM

View full text Add to dashboard Cite

Date of birth (DOB) has historically been considered as private information and safe to use for authentication, but recent years have seen a shift towards wide public sharing. In this work we characterize how modern social media users are approaching the sharing of birthday wishes publicly online. Over 45 days, we collected over 2.8M tweets wishing happy birthday to 724K Twitter accounts. For 50K accounts, their age was likely mentioned revealing their DOB, and 10% were protected accounts. Our findings show that the majority of both public and protected accounts seem to be accepting of their birthdays and DOB being revealed online by their friends even when they do not have it listed on their profiles. We further complemented our findings through a survey to measure awareness of DOB disclosure issues and how people think about sharing different types of birthday-related information. Our analysis shows that giving birthday wishes to others online is considered a celebration and many users are quite comfortable with it. This view matches the trend also seen in security where the use of DOB in authentication process is no longer considered best practice.

show abstract