English
Related papers

Related papers: Evaluating Password Advice

200 papers

Authentication security advice is given with the goal of guiding users and organisations towards secure actions and practices. In this paper, we demonstrate that security advice can be ambiguous, contradictory and at times may not even have…

Cryptography and Security · Computer Science 2023-02-17 Hazel Murray , David Malone

Researchers have extensively explored how password creation policies influence the security and usability of user-chosen passwords, producing evidence-based policy guidelines. However, for web authentication to improve in practice, websites…

Cryptography and Security · Computer Science 2023-09-08 Suood Alroomi , Frank Li

Text password has served as the most popular method for user authentication so far, and is not likely to be totally replaced in foreseeable future. Password authentication offers several desirable properties (e.g., low-cost, highly…

Cryptography and Security · Computer Science 2022-12-27 Lam Tran , Thuc Nguyen , Changho Seo , Hyunil Kim , Deokjai Choi

Passphrases offer an alternative to traditional passwords which aim to be stronger and more memorable. However, users tend to choose short passphrases with predictable patterns that may reduce the security they offer. To explore the…

Cryptography and Security · Computer Science 2021-10-19 Christopher Bonk , Zach Parish , Julie Thorpe , Amirali Salehi-Abari

In this paper we will look at the distribution with which passwords are chosen. Zipf's Law is commonly observed in lists of chosen words. Using password lists from four different on-line sources, we will investigate if Zipf's law is a good…

Cryptography and Security · Computer Science 2015-09-02 David Malone , Kevin Maher

Password updates are a critical account security measure and an essential part of the password lifecycle. Service providers and common security recommendations advise users to update their passwords in response to incidents or as a critical…

Cryptography and Security · Computer Science 2025-11-17 Alexander Krause , Jacques Suray , Lea Schmüser , Marten Oltrogge , Oliver Wiese , Maximilian Golla , Sascha Fahl

Usable and secure authentication on the web and beyond is mission-critical. While password-based authentication is still widespread, users have trouble dealing with potentially hundreds of online accounts and their passwords. Alternatives…

Cryptography and Security · Computer Science 2023-11-28 Jan H. Klemmer , Marco Gutfleisch , Christian Stransky , Yasemin Acar , M. Angela Sasse , Sascha Fahl

Password guessers are instrumental for assessing the strength of passwords. Despite their diversity and abundance, little is known about how different guessers compare to each other. We perform in-depth analyses and comparisons of the…

Cryptography and Security · Computer Science 2021-02-23 Zach Parish , Connor Cushing , Shourya Aggarwal , Amirali Salehi-Abari , Julie Thorpe

Over the years security experts in the field of Information Technology have had a tough time in making passwords secure. This paper studies and takes a careful look at this issue from the angle of philosophy and cognitive science. We have…

Cryptography and Security · Computer Science 2009-09-15 M Atif Qureshi , Arjumand Younus , Arslan Ahmed Khan

Although it is common for users to select bad passwords that can be easily cracked by attackers, password-based authentication remains the most widely-used method. To encourage users to select good passwords, enterprises often enforce…

Cryptography and Security · Computer Science 2015-12-21 Cem S. Sahin , Robert Lychev , Neal Wagner

Leaks from password datasets are a regular occurrence. An organization may defend a leak with reassurances that just a small subset of passwords were taken. In this paper we show that the leak of a relatively small number of text-based…

Cryptography and Security · Computer Science 2021-03-29 Hazel Murray , David Malone

With the rapid development of internet technologies, social networks, and other related areas, user authentication becomes more and more important to protect the data of users. Password authentication is one of the widely used methods to…

Cryptography and Security · Computer Science 2023-01-31 Lifeng Han

We present an in-depth analysis on the strength of the almost 10,000 passwords from users of an instant messaging server in Italy. We estimate the strength of those passwords, and compare the effectiveness of state-of-the-art attack methods…

Cryptography and Security · Computer Science 2009-07-21 Matteo Dell'Amico , Pietro Michiardi , Yves Roudier

A password composition policy restricts the space of allowable passwords to eliminate weak passwords that are vulnerable to statistical guessing attacks. Usability studies have demonstrated that existing password composition policies can…

Cryptography and Security · Computer Science 2013-02-26 Jeremiah Blocki , Saranga Komanduri , Ariel Procaccia , Or Sheffet

For the first time, we report gender bias in people's choice and use of password managers, through a semi-structured interview ($n=18$) and a questionnaire-based survey ($n=200$, conducted `in the wild'). Not only do women and men prefer…

Cryptography and Security · Computer Science 2022-06-29 Jeff Yan , Dearbhla McCabe

We notice that the "password security" discourse is missing the most fundamental notion of the "password strength" -- it was never properly defined. We propose a canonical definition of the "password strength", based on the assessment of…

Cryptography and Security · Computer Science 2016-06-21 Eugene Panferov

Password users frequently employ passwords that are too simple, or they just reuse passwords for multiple websites. A common complaint is that utilizing secure passwords is too difficult. One possible solution to this problem is to use a…

Cryptography and Security · Computer Science 2019-06-04 Elan Rosenfeld , Santosh Vempala , Manuel Blum

Considering computer systems, security is the major concern with usability. Security policies need to be developed to protect information from unauthorized access. Passwords and secrete codes used between users and information systems for…

Cryptography and Security · Computer Science 2014-02-27 Sharayu A. Aghav , RajneeshKaur Bedi

Passwords should be easy to remember, yet expiration policies mandate their frequent change. Caught in the crossfire between these conflicting requirements, users often adopt creative methods to perform slight variations over time. While…

Cryptography and Security · Computer Science 2020-09-18 Davide Berardi , Franco Callegati , Andrea Melis , Marco Prandini

Leaked passwords from data breaches can pose a serious threat to users if the password is reused elsewhere. With more online services getting breached today, there is still a lack of large-scale quantitative understanding of the risks of…

Cryptography and Security · Computer Science 2017-06-09 Chun Wang , Steve T. K. Jan , Hang Hu , Gang Wang
‹ Prev 1 2 3 10 Next ›