English
Related papers

Related papers: Measuring Password Strength: An Empirical Analysis

200 papers

In recent years, numerous incidents involving the leakage of website accounts and text passwords (referred to as passwords) have raised significant concerns regarding the potential exposure of personal information. These events underscore…

Cryptography and Security · Computer Science 2026-04-07 Abel C. H. Chen

The remarkable capabilities of Large Language Models (LLMs) in natural language understanding and generation have sparked interest in their potential for cybersecurity applications, including password guessing. In this study, we conduct an…

Cryptography and Security · Computer Science 2026-01-01 Mohammad Abdul Rehman , Syed Imad Ali Shah , Abbas Anwar , Noor Islam , Hamid Khan

Gesture and signature passwords are two-dimensional figures created by drawing on the surface of a touchscreen with one or more fingers. Prior results about their security have used resilience to either shoulder surfing, a human observation…

Cryptography and Security · Computer Science 2018-12-27 Can Liu , Shridatt Sugrim , Gradeigh D. Clark , Janne Lindqvist

This work explores injection attacks against password managers. In this setting, the adversary (only) controls their own application client, which they use to "inject" chosen payloads to a victim's client via, for example, sharing…

Cryptography and Security · Computer Science 2024-08-14 Andrés Fábrega , Armin Namavari , Rachit Agarwal , Ben Nassi , Thomas Ristenpart

Password security has been compelled to evolve in response to the growing computational capabilities of modern systems. However, this evolution has often resulted in increasingly complex security practices that alienate users, leading to…

Cryptography and Security · Computer Science 2025-10-14 Tonmoy Ghosh

As language models are increasingly deployed as autonomous agents in high-stakes settings, ensuring that they reliably follow user-defined rules has become a critical safety concern. To this end, we study whether language models exhibit…

Machine Learning · Computer Science 2025-08-28 Dylan Sam , Alexander Robey , Andy Zou , Matt Fredrikson , J. Zico Kolter

Keystroke timing based active authentication systems are conceptually attractive because: (i) they use the keyboard as the sensor and are not hardware-cost prohibitive, and (ii) they use the keystrokes generated from normal usage of…

Cryptography and Security · Computer Science 2018-04-24 Md Enamul Karim , Kiran S. Balagani , Aaron Elliott , David Irakiza , Mike O'Neal , Vir Phoha

In this paper we will look at the distribution with which passwords are chosen. Zipf's Law is commonly observed in lists of chosen words. Using password lists from four different on-line sources, we will investigate if Zipf's law is a good…

Cryptography and Security · Computer Science 2015-09-02 David Malone , Kevin Maher

Passwords are undoubtedly the most dominant user authentication mechanism on the web today. Although they are inexpensive and easy-to-use, security concerns of password-based authentication are serious. Phishing and theft of password…

Cryptography and Security · Computer Science 2018-04-24 Klaudia Krawiecka , Arseny Kurnikov , Andrew Paverd , Mohammad Mannan , N. Asokan

In this work we analyse five popular commercial password managers for security vulnerabilities. Our analysis is twofold. First, we compile a list of previously disclosed vulnerabilities through a comprehensive review of the academic and…

Cryptography and Security · Computer Science 2020-03-18 Michael Carr , Siamak F. Shahandashti

With the rise of sophisticated authentication bypass techniques, passwords are no longer considered a reliable method for securing authentication systems. In recent years, new authentication technologies have shifted from traditional…

Cryptography and Security · Computer Science 2025-08-19 Lien Tran , Boyuan Zhang , Ratchanon Pawanja , Rashid Hussain Khokhar

The aim of this work is to study the evolution of password selection among users. We investigate whether users follow best practices when selecting passwords and identify areas in need of improvement. Four distinct publicly-available…

Cryptography and Security · Computer Science 2018-04-12 Theodosis Mourouzis , Kyriacos E. Pavlou , Stylianos Kampakis

Password security hinges on an in-depth understanding of the techniques adopted by attackers. Unfortunately, real-world adversaries resort to pragmatic guessing strategies such as dictionary attacks that are inherently difficult to model in…

Cryptography and Security · Computer Science 2021-03-01 Dario Pasquini , Marco Cianfriglia , Giuseppe Ateniese , Massimo Bernaschi

Text-based secrets are still the most commonly used authentication mechanism in information systems. IT managers must strike a balance between security and memorability while developing password policies. Initially introduced as more secure…

Cryptography and Security · Computer Science 2021-12-08 Noopa Jagadeesh , Miguel Vargas Martin

Passwords should be easy to remember, yet expiration policies mandate their frequent change. Caught in the crossfire between these conflicting requirements, users often adopt creative methods to perform slight variations over time. While…

Cryptography and Security · Computer Science 2020-09-18 Davide Berardi , Franco Callegati , Andrea Melis , Marco Prandini

The obstacles of each security system combined with the increase of cyber-attacks, negatively affect the effectiveness of network security management and rise the activities to be taken by the security staff and network administrators. So,…

Cryptography and Security · Computer Science 2025-02-06 Mamoon A. Al Jbaar , Adel Jalal Yousif , Qutaiba I. Ali

Recently, few certified defense methods have been developed to provably guarantee the robustness of a text classifier to adversarial synonym substitutions. However, all existing certified defense methods assume that the defenders are…

Computation and Language · Computer Science 2021-07-27 Jiehang Zeng , Xiaoqing Zheng , Jianhan Xu , Linyang Li , Liping Yuan , Xuanjing Huang

Network robustness is critical for various industrial and social networks against malicious attacks, which has various meanings in different research contexts and here it refers to the ability of a network to sustain its functionality when…

Social and Information Networks · Computer Science 2023-02-09 Yang Lou , Lin Wang , Guanrong Chen

Users often choose passwords that are easy to remember but also easy to guess by attackers. Recent studies have revealed the vulnerability of textual passwords to shoulder surfing and keystroke loggers. It remains a critical challenge in…

Human-Computer Interaction · Computer Science 2014-07-29 Mahdi Nasrullah Al-Ameen , S M Taiabul Haque , Matthew Wright

The widespread use of large language models (LLMs) is increasing the demand for methods that detect machine-generated text to prevent misuse. The goal of our study is to stress test the detectors' robustness to malicious attacks under…

Computation and Language · Computer Science 2024-02-20 Yichen Wang , Shangbin Feng , Abe Bohan Hou , Xiao Pu , Chao Shen , Xiaoming Liu , Yulia Tsvetkov , Tianxing He