Search Results

A common approach for questionnaire collection is to set up a WLAN and respondents submit answers via specific apps or a web browser. However, much unnecessary background traffic is incurred once a device connects to Wi-Fi, consuming limited ...

The password policies for 14 popular websites were checked and a list of passwords that satisfied the minimal requirements created for each website. 58 users then created realistic passwords that satisfied the minimal requirements. A special purpose ...

Following the repeated reports of high prevalence of functional illiteracy in the countries of the Western Balkans, we go on to study the password composition habits of cultural groups from this region. Ina password cracking experiment, we obtain and ...

Passwords are still a widespread authentication mechanism that, despite the efforts of the cybersecurity community to educate people, are often predictable. Therefore, there is a need for defenders, e.g. cybersecurity/IT administrators, to periodically ...

Passwords will continue to be the most prevalent form of authentication in the foreseeable future. But passwords often consist of some common segments which are easy to be predicted and attacked. Lots of methods have been proposed to describe password ...

Abstract Despite decades of research into developing abstract security advice and improving interfaces, users still struggle to make passwords. Users frequently create passwords that are predictable for attackers [1, 9] or make other decisions (e.g., ...

In this work, we present a simple, yet effective and practical scheme to improve the security of stored password hashes, increasing the difficulty to crack passwords and exposing cracking attempts. We utilize a hardware-dependent function (HDF), such as ...

Passwords continue to remain an important authentication technique. The probabilistic context-free grammar-based password cracking system of Weir et al. was an important addition to dictionary-based password cracking approaches. In this paper, we show how ...

We propose a simple method for improving the security of hashed passwords: the maintenance of additional ``honeywords'' (false passwords) associated with each user's account. An adversary who steals a file of hashed passwords and inverts the hash ...

Usually, the password input on a web page form is produced by computer keyboard or mouse. This paper introduces a special method by mouth image. The password is produced by mouth image and submitted by mouth image. In the same time, the face image is ...

We propose an efficient attack to recover the passwords, used to authenticate the peer by EAP-MD5, in the IEEE 802.1X network. First, we recover the length of the used password through a method called length recovery attack by on-line queries. Second, ...

In this paper we attempt to determine the effectiveness of using entropy, as defined in NIST SP800-63, as a measurement of the security provided by various password creation policies. This is accomplished by modeling the success rate of current password ...

Considering the computer authentication, any password shall not only be private to its owner but also be chosen as not to be predicted easily by others. The passwords used in authentication processes of any critical system should be strong as not to be ...

Cryptanalytic time-memory trade-offs have been studied for 25 years and have benefited from several improvements since the original work of Hellman. The ensuing variants definitely improve the original trade-off but their real impact has never been ...

We present a dictionary attack that is based on keyboard acoustic emanations. We combine signal processing and efficient data structures and algorithms, to successfully reconstruct single words of 7-13 characters from a recording of the clicks made when ...

A design pattern provides a type of template or meta-template for solving design problems. This paper provides and discusses a pattern for creating individualized learning exercises. The domain of application is security education. The specific examples ...

Textual passwords are often the only mechanism used to authenticate users of a networked system. Unfortunately, many passwords are easily guessed or cracked. In an attempt to strengthen passwords, some systems instruct users to create mnemonic phrase-...