An Explainable Online Password Strength Estimator

2021 ◽  
pp. 285-304
Author(s):  
Liron David ◽  
Avishai Wool
Author(s):  
Monte Hancock ◽  
Federico Calderon ◽  
Mendi Drayton ◽  
Edward Stapleton ◽  
John Nida ◽  
...  

Author(s):  
Gabriel PETRICĂ

Solutions that can be implemented to secure a LAN include firewalls and intrusion detection / prevention systems (IDS / IPS). For a wireless network, security is a challenge considering the specific elements of this type of network: the physical area from which the connection is possible, and the weaknesses of the protocols used for data encryption. This article presents a case study on the most widely used protocols (WEP, WPA and WPA2) to secure wireless networks and the methodology by which passwords can be decrypted using the Kali Linux distribution, available for free on the Internet, and applications included in this operating system.


Sensors ◽  
2020 ◽  
Vol 20 (11) ◽  
pp. 3106 ◽  
Author(s):  
Sungyup Nam ◽  
Seungho Jeon ◽  
Hongkyo Kim ◽  
Jongsub Moon

Text-based passwords are a fundamental and popular means of authentication. Password authentication can be simply implemented because it does not require any equipment, unlike biometric authentication, and it relies only on the users’ memory. This reliance on memory is a weakness of passwords, and people therefore usually use easy-to-remember passwords, such as “iloveyou1234”. However, these sample passwords are not difficult to crack. The default passwords of IoT also are text-based passwords and are easy to crack. This weakness enables free password cracking tools such as Hashcat and JtR to execute millions of cracking attempts per second. Finally, this weakness creates a security hole in networks by giving hackers access to an IoT device easily. Research has been conducted to better exploit weak passwords to improve password-cracking performance. The Markov model and probabilistic context-free-grammar (PCFG) are representative research results, and PassGAN, which uses generative adversarial networks (GANs), was recently introduced. These advanced password cracking techniques contribute to the development of better password strength checkers. We studied some methods of improving the performance of PassGAN, and developed two approaches for better password cracking: the first was changing the convolutional neural network (CNN)-based improved Wasserstein GAN (IWGAN) cost function to an RNN-based cost function; the second was employing the dual-discriminator GAN structure. In the password cracking performance experiments, our models showed 10–15% better performance than PassGAN. Through additional performance experiments with PCFG, we identified the cracking performance advantages of PassGAN and our models over PCFG. Finally, we prove that our models enhanced password strength estimation through a comparison with zxcvbn.


2019 ◽  
Vol 2019 ◽  
pp. 1-10 ◽  
Author(s):  
Ming Xu ◽  
Weili Han

Textual passwords are still dominating the authentication of remote file sharing and website logins, although researchers recently showed several vulnerabilities in this authentication mechanism. When a user creates or changes a password, a website usually leverages a password strength meter (PSM for short) to show the strength of the password. When the password is evaluated as a weak one, the user may replace the password with a stronger or more secure one. However, the user is usually confused when the password, especially a frequently used password, is shown as a weak one. We argue that an explainable password strength meter addon, which could show the reasons for the weakness, may help users to more effectively create a secure password. Unfortunately, we find few sites in the Alexa global top 100 showing these details. Motivated to help users with an explainable PSM, this paper proposes an addon to PSMs providing feedback in the form of pattern passwords explaining why a password is weak. This PSM addon can detect twelve types of patterns, which cover a very large proportion of 70 million leaked real passwords from high-profile websites. According to our evaluation and user study, our PSM addon, which leverages textual pattern passwords, can effectively detect these popular patterns and effectively help users create more secure passwords.


i-com ◽  
2019 ◽  
Vol 18 (3) ◽  
pp. 237-257
Author(s):  
Christina Katsini ◽  
Nikolaos Avouris ◽  
Christos Fidas

There is evidence that the visual behavior of users when creating graphical passwords affects the password strength. Adopting a cognitive style perspective in the interpretation of the results of recent studies revealed that users, depending on their cognitive style, follow different visual exploration paths when creating graphical passwords which affected the password strength. To take advantage of the inherent abilities of people, we proposed CogniPGA, a cued-recall graphical authentication scheme where a cognition-based intervention using gaze data is applied. This paper presents the longitudinal evaluation of the proposed scheme in terms of security, memorability, and usability from a cognitive style perspective. Results strengthen the assumptions that understanding and using the inherent cognitive characteristics of users could enable the design of user-first authentication schemes, where no compromises need to be made on security for benefiting usability or the other way around.

