English
Related papers

Related papers: Measuring Password Strength: An Empirical Analysis

200 papers

Despite numerous countermeasures proposed by practitioners and researchers, remote control-flow alteration of programs with memory-safety vulnerabilities continues to be a realistic threat. Guaranteeing that complex software is completely…

Cryptography and Security · Computer Science 2017-02-20 Martín Ochoa , Sebastian Banescu , Cynthia Disenfeld , Gilles Barthe , Vijay Ganesh

Passwords remain the primary authentication method, yet user-created passwords are often the weakest due to the security-usability trade-off. Although AI-based password generators are emerging, little is known about their effectiveness and…

Human-Computer Interaction · Computer Science 2026-04-28 Duru Paker , Suleyman Ozdel , Enkelejda Kasneci

The security of messaging applications against person-in-the-middle attacks relies on the authenticity of the exchanged keys. For users unable to meet in person, a manual key fingerprint verification is necessary to ascertain key…

Human-Computer Interaction · Computer Science 2021-06-03 Lee Livsey , Helen Petrie , Siamak F. Shahandashti , Aidan Fray

Cybersecurity incidents such as data breaches have become increasingly common, affecting millions of users and organizations worldwide. The complexity of cybersecurity threats challenges the effectiveness of existing security communication…

Cryptography and Security · Computer Science 2025-04-04 Carolina Carreira , Alexandra Mendes , João F. Ferreira , Nicolas Christin

In multi-tier network systems, custom applications, Web services and platform environments, storing data and information assets becomes a challenge for any organisation. Although there are different methods to secure network systems, the…

Cryptography and Security · Computer Science 2022-12-23 Aiman Al-Sabaawi , Thamer A. Alrowidhan

Honeywords are decoy passwords that can be added to a credential database; if a login attempt uses a honeyword, this indicates that the site's credential database has been leaked. In this paper we explore the basic requirements for…

Cryptography and Security · Computer Science 2024-03-07 Zonghao Huang , Lujo Bauer , Michael K. Reiter

Traditional text-based password schemes are inherently weak. Users tend to choose passwords that are easy to remember, making them susceptible to various attacks that have matured over the years. ObPwd [5] has tried to address these issues…

Cryptography and Security · Computer Science 2018-01-23 Sufian Hameed , Lamak Qaizar , Shankar Khatri

Security vulnerabilities of traditional single factor authentication has become a major concern for security practitioners and researchers. To mitigate single point failures, new and technologically advanced Multi-Factor Authentication…

Cryptography and Security · Computer Science 2019-08-19 Sanchari Das , Bingxing Wang , Zachary Tingle , L. Jean Camp

Hundreds of defenses have been proposed to make deep neural networks robust against minimal (adversarial) input perturbations. However, only a handful of these defenses held up their claims because correctly evaluating robustness is…

Machine Learning · Computer Science 2022-06-29 Roland S. Zimmermann , Wieland Brendel , Florian Tramer , Nicholas Carlini

Honeyword is a representative "honey" technique that employs decoy objects to mislead adversaries and protect the real ones. To assess the security of a Honeyword system, two metrics--flatness and success-number--have been proposed and…

Cryptography and Security · Computer Science 2025-04-22 Pengcheng Su , Haibo Cheng , Wenting Li , Ping Wang

We draw on the Protection Motivation Theory (PMT) to design nudges that encourage users to change breached passwords. Our online experiment ($n$=$1,386$) compared the effectiveness of a threat appeal (highlighting negative consequences of…

Cryptography and Security · Computer Science 2024-05-27 Yixin Zou , Khue Le , Peter Mayer , Alessandro Acquisti , Adam J. Aviv , Florian Schaub

Nowadays, advanced security mechanisms exist to protect data, systems, and networks. Most of these mechanisms are effective, and security experts can handle them to achieve a sufficient level of security for any given system. However, most…

Cryptography and Security · Computer Science 2015-06-24 Hans-Joachim Hof

We study linking attacks on communication protocols. We show that an active attacker is strictly more powerful in this setting than previously-considered passive attackers. We introduce a formal model to reason about active linkability…

Cryptography and Security · Computer Science 2014-04-10 Henning Schnoor , Oliver Woizekowski

In this paper, we study the security requirements for remote authentication with password protected smart card. In recent years, several protocols for password-based authenticated key exchange have been proposed. These protocols are used…

Cryptography and Security · Computer Science 2012-07-24 Yongge Wang

Password-based authentication faces various security and usability issues. Password managers help alleviate some of these issues by enabling users to manage their passwords effectively. However, malicious client-side scripts and browser…

Cryptography and Security · Computer Science 2024-02-12 Anuj Gautam , Tarun Kumar Yadav , Kent Seamons , Scott Ruoti

Password managers (PMs) are considered highly effective tools for increasing security, and a recent study by Pearman et al. (SOUPS'19) highlighted the motivations and barriers to adopting PMs. We expand these findings by replicating Pearman…

Cryptography and Security · Computer Science 2020-10-06 Hirak Ray , Flynn Wolf , Ravi Kuber , Adam J. Aviv

Multi-Factor Authentication is intended to strengthen the security of password-based authentication by adding another factor, such as hardware tokens or one-time passwords using mobile apps. However, this increased authentication security…

Cryptography and Security · Computer Science 2023-09-20 Sabrina Amft , Sandra Höltervennhoff , Nicolas Huaman , Alexander Krause , Lucy Simko , Yasemin Acar , Sascha Fahl

Password managers have the potential to help users more effectively manage their passwords and address many of the concerns surrounding password-based authentication, however prior research has identified significant vulnerabilities in…

Cryptography and Security · Computer Science 2019-12-11 Sean Oesch , Scott Ruoti

Asymmetric password based key exchange is a key exchange protocol where a client and a server share a low entropic password while the server additionally owns a high entropic secret for a public key. There are simple solutions for this…

Cryptography and Security · Computer Science 2010-09-28 Shaoquan Jiang

Several previous studies have investigated user susceptibility to phishing attacks. A thorough meta-analysis or systematic review is required to gain a better understanding of these findings and to assess the strength of evidence for…

Cryptography and Security · Computer Science 2024-10-28 Shahryar Baki , Rakesh Verma