• Ikram M, Sentana I, Asghar H, Kaafar M and Kepkowski M. (2025). More Than Just a Random Number Generator! Unveiling the Security and Privacy Risks of Mobile OTP Authenticator Apps. Web Information Systems Engineering – WISE 2024. 10.1007/978-981-96-0576-7_14. (177-192).

    https://link.springer.com/10.1007/978-981-96-0576-7_14

  • Alsheavi A, Hawbani A, Othman W, WANG X, Qaid G, Zhao L, Al-Dubai A, Zhi L, Ismail A, Jhaveri R, Alsamhi S and Al-qaness M. (2024). IoT Authentication Protocols: Challenges, and Comparative Analysis. ACM Computing Surveys. 0:0.

    https://doi.org/10.1145/3703444

  • Yang Y, Wang J, Liu P, Fu A and Zhang Y. Uncovering Access Token Security Flaws in Multiuser Scenario of Smart Home Platforms. IEEE Internet of Things Journal. 10.1109/JIOT.2024.3429417. 11:22. (36841-36857).

    https://ieeexplore.ieee.org/document/10620436/

  • Kruzikova A, Suchanek J, Broz M, Ukrop M and Matyas V. What Johnny thinks about using two-factor authentication on GitHub: A survey among open-source developers. Proceedings of the 19th International Conference on Availability, Reliability and Security. (1-11).

    https://doi.org/10.1145/3664476.3670885

  • Yamaguchi S, Gomi H and Uehara T. (2024). User Verification System using Location-based Dynamic Questions for Account Recovery 2024 IEEE Security and Privacy Workshops (SPW). 10.1109/SPW63631.2024.00006. 979-8-3503-5487-4. (9-16).

    https://ieeexplore.ieee.org/document/10579505/

  • Almeida L, Fernández B, Zambrano D, Almachi A, Pillajo H and Yoo S. (2024). One-Time Passwords: A Literary Review of Different Protocols and Their Applications. Advanced Research in Technologies, Information, Innovation and Sustainability. 10.1007/978-3-031-48855-9_16. (205-219).

    https://link.springer.com/10.1007/978-3-031-48855-9_16

  • Pöhn D, Gruschka N, Ziegler L and Büttner A. (2023). A framework for analyzing authentication risks in account networks. Computers and Security. 135:C. Online publication date: 1-Dec-2023.

    https://doi.org/10.1016/j.cose.2023.103515

  • Yamaguchi S, Gomi H and Uehara T. (2023). Enhancing Account Recovery with Location-based Dynamic Questions 2023 IEEE 23rd International Conference on Software Quality, Reliability, and Security Companion (QRS-C). 10.1109/QRS-C60940.2023.00061. 979-8-3503-5939-8. (532-539).

    https://ieeexplore.ieee.org/document/10430068/

  • Aparicio A, Martínez-González M and Cardeñoso-Payo V. (2023). App-based detection of vulnerable implementations of OTP SMS APIs in the banking sector. Wireless Networks. 10.1007/s11276-023-03455-w.

    https://link.springer.com/10.1007/s11276-023-03455-w

  • Almeida L, Fernández B, Zambrano D, Almachi A, Pillajo H and Yoo S. (2023). A Complete One-Time Passwords (OTP) Solution Using Microservices: A Theoretical and Practical Approach. Innovations for Community Services. 10.1007/978-3-031-40852-6_4. (68-86).

    https://link.springer.com/10.1007/978-3-031-40852-6_4

  • Zhao J, Li Q, Yuan Z, Zhang Z and Lu S. (2022). 5G Messaging: System Insecurity and Defenses 2022 IEEE Conference on Communications and Network Security (CNS). 10.1109/CNS56114.2022.9947238. 978-1-6654-6255-6. (37-45).

    https://ieeexplore.ieee.org/document/9947238/

  • Ahmad T, Pandey R and Faisal M. (2022). Authorization Model for Securing Cloud SaaS Services (Netflix). International Journal of Distributed Systems and Technologies. 13:8. (1-13). Online publication date: 22-Sep-2022.

    https://doi.org/10.4018/IJDST.307903

  • Pöhn D, Gruschka N and Ziegler L. Multi-Account Dashboard for Authentication Dependency Analysis. Proceedings of the 17th International Conference on Availability, Reliability and Security. (1-13).

    https://doi.org/10.1145/3538969.3538987

  • Lone S and Mir A. (2021). A novel OTP based tripartite authentication scheme. International Journal of Pervasive Computing and Communications. 10.1108/IJPCC-04-2021-0097. 18:4. (437-459). Online publication date: 25-Jul-2022.

    https://www.emerald.com/insight/content/doi/10.1108/IJPCC-04-2021-0097/full/html

  • Zhang Y, Ma S, Li J, Gu D and Bertino E. (2022). KingFisher: Unveiling Insecurely Used Credentials in IoT-to-Mobile Communications 2022 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). 10.1109/DSN53405.2022.00055. 978-1-6654-1693-1. (488-500).

    https://ieeexplore.ieee.org/document/9833606/

  • Adamu H, Mohammed A, Adepoju S and Aderiike A. (2022). A Three-Step One-Time Password, Textual and Recall-Based Graphical Password for an Online Authentication 2022 IEEE Nigeria 4th International Conference on Disruptive Technologies for Sustainable Development (NIGERCON). 10.1109/NIGERCON54645.2022.9803122. 978-1-6654-7978-3. (1-5).

    https://ieeexplore.ieee.org/document/9803122/

  • Varghese E and Pramila R. (2022). Protection Against SIM Swap Attacks on OTP System. Data Science and Security. 10.1007/978-981-19-2211-4_19. (219-228).

    https://link.springer.com/10.1007/978-981-19-2211-4_19

  • Mahesh T, Ram M, Ram N, Gowtham A and Swamy T. (2022). Real-Time Eye Blinking for Password Authentication. International Conference on Intelligent Emerging Methods of Artificial Intelligence & Cloud Computing. 10.1007/978-3-030-92905-3_52. (428-434).

    https://link.springer.com/10.1007/978-3-030-92905-3_52

  • Shibayama R and Kikuchi H. (2021). Vulnerability Exploiting SMS Push Notifications 2021 16th Asia Joint Conference on Information Security (AsiaJCIS). 10.1109/AsiaJCIS53848.2021.00014. 978-1-6654-1788-4. (23-30).

    https://ieeexplore.ieee.org/document/9546879/

  • Ma S, Li J, Kim H, Bertino E, Nepal S, Ostry D and Sun C. Fine with "1234"?. Proceedings of the 43rd International Conference on Software Engineering. (1671-1682).

    https://doi.org/10.1109/ICSE43902.2021.00148

  • Mavroudis V, Hicks C and Crowcroft J. (2021). An Interface Between Legacy and Modern Mobile Devices for Digital Identity. Emerging Technologies for Authorization and Authentication. 10.1007/978-3-030-93747-8_5. (68-76).

    https://link.springer.com/10.1007/978-3-030-93747-8_5

  • Innocenti T, Mirheidari S, Kharraz A, Crispo B and Kirda E. (2021). You’ve Got (a Reset) Mail: A Security Analysis of Email-Based Password Reset Procedures. Detection of Intrusions and Malware, and Vulnerability Assessment. 10.1007/978-3-030-80825-9_1. (1-20).

    https://link.springer.com/10.1007/978-3-030-80825-9_1

  • Bertino E. (2020). Privacy in the Era of 5G, IoT, Big Data and Machine Learning 2020 Second IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA). 10.1109/TPS-ISA50397.2020.00027. 978-1-7281-8543-9. (134-137).

    https://ieeexplore.ieee.org/document/9325384/