Analysis Performance BCRYPT Algorithm to Improve Password Security from Brute Force

Passwords have been a recurring subject of research ever since Morris and Thompson first pointed out their disadvantages in 1979. Several decades later, textual passwords remain to be the most used authentication method, despite the growing number of security breaches. In this article, we highlight technological advances that have the potential to ease brute-force attacks on longer passwords. We point out users? persistently bad password creation and management practices, arguing that the users will be unable to keep up with the increasingly demanding security requirements in the future. We examine a set of real, user-generated passwords, and compare them to the passwords collected by Morris and Thompson. The results show that today?s passwords remain as weak as they were nearly four decades ago. We provide insight on how the current password security could be improved by giving recommendations to users, administrators, and researchers. We dispute the reiterated claim that passwords should be replaced, by exposing the alternatives? weaknesses. Finally, we argue passwords will remain widespread until two conditions are met: First, a Pareto-improving authentication method is discovered, and second, the users are motivated to replace textual passwords.

Download Full-text

AcSIS: Authentication System Based on Image Splicing

Engineering, Technology & Applied Science Research ◽

10.48084/etasr.3060 ◽

2019 ◽

Vol 9 (5) ◽

pp. 4808-4812

Author(s):

S. Hamid ◽

N. Z. Bawany ◽

S. Khan

Keyword(s):

Success Rate ◽

Brute Force ◽

Image Splicing ◽

Password Authentication ◽

Trade Off ◽

Graphical Passwords ◽

Password Security ◽

Authentication System ◽

Digital Assets ◽

Dictionary Attacks

Text-based passwords are widely used for the authentication of digital assets. Typically, password security and usability is a trade-off, i.e. easy-to-remember passwords have higher usability that makes them vulnerable to brute-force and dictionary attacks. Complex passwords have stronger security but poor usability. In order to strengthen the security in conjunction with the improved usability, we hereby propose a novel graphical authentication system. This system is a picture-based password scheme which comprises of the method of image splicing. Authentication data were collected from 33 different users. The usability of the method was evaluated via a comparison between the number of correct and incorrect authentication attempts and time taken. Additionally, a comparison was made between our proposed method and a complex text-based password authentication method using the authentication success rate. Authentication using image splicing proved to be resilient to brute-force attacks since the processing of images consumes a voluminous password space. The evaluation of the usability revealed that graphical passwords were easy-to-remember, resulting in a higher number of correct attempts. The proposed method produced 50% higher success rate compared to the text-based method. Findings motivate the use of the proposed method for securing digital assets.

Download Full-text

Study and Development of Graphical Authentication System for Secure File Transmission

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i4.10.21042 ◽

2018 ◽

Vol 7 (4.10) ◽

pp. 470

Author(s):

P. L.P.Ramyasri ◽

D. Malathi ◽

J. D. Dorathi Jayaseeli ◽

K. Senthilkumar

Keyword(s):

Social Engineering ◽

Survey Study ◽

Future Research ◽

Brute Force ◽

Graphical Password ◽

Graphical Passwords ◽

Password Security ◽

Authentication System ◽

Present Text ◽

Dictionary Attacks

The text-based password has been the most common practice from ancient days till present. Text based pass-words are also known for various threats, and it is prone to attacks like guessing attacks, dictionary attacks, social engineering attacks, brute force attacks, etc. The next immediate concept following the text based password is the graphical password schemes to improve password security and usability. In present days graphical passwords are being implemented more commonly. This approach is different from the traditional alpha numeric as it deals with images. In this paper a survey study is done to analyse various techniques used for authentication and also some of the methods for graphical authentication techniques like Pass Matrix, Cued Clicked points(CPP), CAPTCHA, Image distortion with text association, Doodle scheme, Standard recognition-based scheme, Stegno pin authentication method. Based on the existing methods, the future research can be done in order to improve security for graphical authentication.

Download Full-text

A Novel Cue based Picture Word Shape Character Password Creation Scheme

International Journal of Digital Crime and Forensics ◽

10.4018/ijdcf.2015070103 ◽

2015 ◽

Vol 7 (3) ◽

pp. 37-59 ◽

Cited By ~ 2

Author(s):

Kevin Curran ◽

Andrew Snodgrass

Keyword(s):

Side Effects ◽

Success Rate ◽

Rapid Rate ◽

Brute Force ◽

Password Security ◽

Internet Users ◽

Word Shape

The number of internet users is growing at a rapid rate and this means users now have to remember passwords for many different accounts. The side effects of this increase of user accounts is that users are putting password usability before password security in order to remember these passwords. This paper outlines a novel password creation scheme for creating strong, secure unique passwords that are easier for users to remember on multiple sites. The scheme includes features to more easily create a secure password and recall this password, whilst including multiple layers of security against a targeted attack by an adversary. Results showed that users who did not use a scheme had a much lower login success rate for their accounts than the users who used the created scheme. They also showed that the average password length for each group of users was the same meaning the created scheme passwords in this sample has no greater protection against brute-force attacks, but in terms of dictionary and hybrid attacks the scheme passwords generally seemed to have a lot more protection.

Download Full-text

Implementasi Algoritma Hamming Distance dan Brute Force dalam Mendeteksi Kemiripan Source Code Bahasa Pemrograman C

Jurnal ULTIMATICS ◽

10.31937/ti.v8i2.514 ◽

2017 ◽

Vol 8 (2) ◽

Author(s):

Andreas Budiman ◽

Dennis Gunawan ◽

Seng Hansun

Keyword(s):

College Presidents ◽

Hamming Distance ◽

Source Code ◽

Structural Type ◽

Brute Force ◽

Important Thing ◽

The Past ◽

Index Terms ◽

Better Than

Plagiarism is a behavior that causes violence of copyrights. Survey shows 55% of college presidents say that plagiarism in students’ papers has increased over the past 10 years. Therefore, an application for detecting plagiarism is needed, especially for teachers. This plagiarism checker application is made by using Visual C# 2010. The plagiarism checker uses hamming distance algorithm for matching line code of the source code. This algorithm works by matching the same length string of the code programs. Thus, it needs brute will be matched with hamming distance. Another important thing for detecting plagiarism is the preprocessing, which is used to help the algorithm for detecting plagiarized source code. This paper shows that the application works good in detecting plagiarism, the hamming distance algorithm and brute force algorithm works better than levenstein distance algorithm for detecting structural type of plagiarism and this thesis also shows that the preprocessing could help the application to increase its percentage and its accuracy. Index Terms—Brute Force, Hamming Distance, Plagiarisme, Preprocessing.

Download Full-text

Nuclear Magnetic Resonance on Brute-Force-OrientedIn111

Physical Review Letters ◽

10.1103/physrevlett.49.347 ◽

1982 ◽

Vol 49 (5) ◽

pp. 347-351 ◽

Cited By ~ 14

Author(s):

C. Nuytten ◽

D. Vandeplassche ◽

E. van Walle ◽

L. Vanneste

Keyword(s):

Nuclear Magnetic Resonance ◽

Magnetic Resonance ◽

Brute Force ◽

Nuclear Magnetic

Download Full-text

Why Botnets Work: Distributed Brute-Force Attacks Need No Synchronization

IEEE Transactions on Information Forensics and Security ◽

10.1109/tifs.2019.2895955 ◽

2019 ◽

Vol 14 (9) ◽

pp. 2288-2299 ◽

Cited By ~ 13

Author(s):

Salman Salamatian ◽

Wasim Huleihel ◽

Ahmad Beirami ◽

Asaf Cohen ◽

Muriel Medard

Keyword(s):

Brute Force

Download Full-text

Brute force attacks on hash functions

Journal of Discrete Mathematical Sciences and Cryptography ◽

10.1080/09720529.2007.10698131 ◽

2007 ◽

Vol 10 (3) ◽

pp. 439-460 ◽

Cited By ~ 2

Author(s):

G. Laccetti ◽

G. Schmid

Keyword(s):

Hash Functions ◽

Brute Force

Download Full-text

A homogeneous parallel brute force cracking algorithm on the GPU

ICTC 2011 ◽

10.1109/ictc.2011.6082661 ◽

2011 ◽

Cited By ~ 3

Author(s):

Anh-Duy Vu ◽

Jea-Il Han ◽

Hong-An Nguyen ◽

Young-Man Kim ◽

Eun-Jin Im

Keyword(s):

Brute Force

Download Full-text

User password repetitive patterns analysis and visualization

Information and Computer Security ◽

10.1108/ics-06-2015-0026 ◽

2016 ◽

Vol 24 (1) ◽

pp. 93-115 ◽

Cited By ~ 2

Author(s):

Xiaoying Yu ◽

Qi Liao

Keyword(s):

Security Policy ◽

Large Data ◽

Efficient Algorithms ◽

Privacy And Security ◽

Data Set ◽

Web Based ◽

Content Type ◽

Word Cloud ◽

Individual Privacy ◽

Password Security

Purpose – Passwords have been designed to protect individual privacy and security and widely used in almost every area of our life. The strength of passwords is therefore critical to the security of our systems. However, due to the explosion of user accounts and increasing complexity of password rules, users are struggling to find ways to make up sufficiently secure yet easy-to-remember passwords. This paper aims to investigate whether there are repetitive patterns when users choose passwords and how such behaviors may affect us to rethink password security policy. Design/methodology/approach – The authors develop a model to formalize the password repetitive problem and design efficient algorithms to analyze the repeat patterns. To help security practitioners to analyze patterns, the authors design and implement a lightweight, Web-based visualization tool for interactive exploration of password data. Findings – Through case studies on a real-world leaked password data set, the authors demonstrate how the tool can be used to identify various interesting patterns, e.g. shorter substrings of the same type used to make up longer strings, which are then repeated to make up the final passwords, suggesting that the length requirement of password policy does not necessarily increase security. Originality/value – The contributions of this study are two-fold. First, the authors formalize the problem of password repetitive patterns by considering both short and long substrings and in both directions, which have not yet been considered in past. Efficient algorithms are developed and implemented that can analyze various repeat patterns quickly even in large data set. Second, the authors design and implement four novel visualization views that are particularly useful for exploration of password repeat patterns, i.e. the character frequency charts view, the short repeat heatmap view, the long repeat parallel coordinates view and the repeat word cloud view.

Download Full-text