Passlab: A Password Security Tool for the Blue Team
Abstract
If we wish to compromise some password-protected system as an attacker (i.e. a member of the red team), we have a large number of popular and actively-maintained tools to choose from in helping us to realise our goal. Password hash cracking hardware and software, online guessing tools, exploit frameworks, and a wealth of tools for helping us to perform reconnaissance on the target system are widely available. By comparison, if we wish to defend a password-protected system against such an attack (i.e. as a member of the blue team), we have comparatively few tools to choose from. In this research abstract, we present our work to date on Passlab, a password security tool designed to help system administrators take advantage of formal methods in order to make sensible and evidence-based security decisions using a clean and intuitive user interface.
Cite
@article{arxiv.2003.07208,
title = {Passlab: A Password Security Tool for the Blue Team},
author = {Saul Johnson},
journal= {arXiv preprint arXiv:2003.07208},
year = {2020}
}
Comments
4 pages, 2 figures