English
Related papers

Related papers: Securing Password Authentication for Web-based App…

200 papers

Understanding the common vulnerabilities in web applications help businesses be better prepared in protecting their data against such attacks. With the knowledge gained from research users and developers can be better equipped to deal with…

Cryptography and Security · Computer Science 2020-12-21 Matthew Bach-Nutman

Many computer-based authentication schemata are based on pass- words. Logging on a computer, reading email, accessing content on a web server are all examples of applications where the identification of the user is usually accomplished…

Cryptography and Security · Computer Science 2007-05-23 Michele Finelli

A partial password is a mode of password-based authentication that is widely used, especially in the financial sector. It is based on a challenge-response protocol, where at each login attempt, a challenge requesting characters from…

Cryptography and Security · Computer Science 2017-01-03 Theodosis Mourouzis , Marcin Wojcik , Nikos Komninos

Approximately 61% of cyber attacks involve adversaries in possession of valid credentials. Attackers acquire credentials through various means, including phishing, dark web data drops, password reuse, etc. Multi-factor authentication (MFA)…

Cryptography and Security · Computer Science 2024-08-31 Sam Hays , Michael Sandborn , Jules White

Phishing is a type of social engineering attack with an intention to steal user data, including login credentials and credit card numbers, leading to financial losses for both organisations and individuals. It occurs when an attacker,…

Cryptography and Security · Computer Science 2020-07-02 J. Samantha Tharani , Nalin Asanka Gamagedara Arachchilage

More and more parts of the internet are hidden behind a login field. This poses a barrier to any study predicated on scanning the internet. Moreover, the authentication process itself may be a weak point. To study authentication weaknesses…

Cryptography and Security · Computer Science 2018-08-03 Hugo Jonker , Jelmer Kalkman , Benjamin Krumnow , Marc Sleegers , Alan Verresen

Web applications are becoming truly pervasive in all kinds of business models and organizations. Today, most critical systems such as those related to health care, banking, or even emergency response, are relying on these applications. They…

Cryptography and Security · Computer Science 2009-06-01 Joaquin Garcia-Alfaro , Guillermo Navarro-Arribas

To prevent credential stuffing attacks, industry best practice now proactively checks if user credentials are present in known data breaches. Recently, some web services, such as HaveIBeenPwned (HIBP) and Google Password Checkup (GPC), have…

Cryptography and Security · Computer Science 2019-09-05 Lucy Li , Bijeeta Pal , Junade Ali , Nick Sullivan , Rahul Chatterjee , Thomas Ristenpart

In recent years, the attack which leverages register information (e.g. accounts and passwords) leaked from 3rd party applications to try other applications is popular and serious. We call this attack "database collision". Traditionally,…

Cryptography and Security · Computer Science 2022-06-27 Bo Zhao , Yu Zhou

User authentication is one of the most important part of information security. Computer security most commonly depends on passwords to authenticate human users. Password authentication systems will be either been usable but not secure, or…

Cryptography and Security · Computer Science 2013-11-19 Gloriya Mathew , Shiney Thomas

One of the biggest problems with the Internet technology is the unwanted spam emails. The well disguised phishing email comes in as part of the spam and makes its entry into the inbox quite frequently nowadays. While phishing is normally…

Cryptography and Security · Computer Science 2014-10-20 B. Issac , R. Chiong , S. M. Jacob

Web-fraud is one of the most unpleasant features of today's Internet. Two well-known examples of fraudulent activities on the web are phishing and typosquatting. Their effects range from relatively benign (such as unwanted ads) to downright…

Cryptography and Security · Computer Science 2015-03-13 Mishari Al Mishari , Emiliano De Cristofaro , Karim El Defrawy , Gene Tsudik

Phishing attacks are one of the most common social engineering attacks targeting users emails to fraudulently steal confidential and sensitive information. They can be used as a part of more massive attacks launched to gain a foothold in…

Cryptography and Security · Computer Science 2022-01-27 Fatima Salahdine , Zakaria El Mrabet , Naima Kaabouch

The most widespread type of phishing attack involves email messages with links pointing to malicious content. Despite user training and the use of detection techniques, these attacks are still highly effective. Recent studies show that it…

Cryptography and Security · Computer Science 2025-02-28 Daniele Lain , Yoshimichi Nakatsuka , Kari Kostiainen , Gene Tsudik , Srdjan Capkun

Phishing is an online identity theft that aims to steal sensitive information such as username, password and online banking details from its victims. Phishing education needs to be considered as a means to combat this threat. This paper…

Computers and Society · Computer Science 2015-11-12 Nalin Asanka Gamagedara Arachchilage

In today's world, Web applications play a very important role in individual life as well as in any country's development. Web applications have gone through a very rapid growth in the recent years and their adoption is moving faster than…

Cryptography and Security · Computer Science 2013-06-18 Diallo Abdoulaye Kindy , Al-Sakib Khan Pathan

The ubiquity of user accounts in websites and online services makes account hijacking a serious security concern. Although previous research has studied various techniques through which an attacker can gain access to a victim's account,…

Cryptography and Security · Computer Science 2022-05-23 Avinash Sudhodanan , Andrew Paverd

Password managers provide significant security benefits to users. However, malicious client-side scripts and browser extensions can steal passwords after the manager has autofilled them into the web page. In this paper, we extend prior work…

Cryptography and Security · Computer Science 2025-10-16 Anuj Gautam , Tarun Yadav , Garrett Smith , Kent Seamons , Scott Ruoti

Research shows that phishing emails often utilize persuasion techniques, such as social proof, liking, consistency, authority, scarcity, and reciprocity to gain trust to obtain sensitive information or maliciously infect devices. The link…

Cryptography and Security · Computer Science 2024-12-25 Kalam Khadka , Abu Barkat Ullah , Wanli Ma , Elisa Martinez Marroquin

Phishing is a common online weapon, used against users, by Phishers for acquiring a confidential information through deception. Since the inception of internet, nearly everything, ranging from money transaction to sharing information, is…

Artificial Intelligence · Computer Science 2013-12-11 Anugrah Kumar , Sanjiban Shekar Roy , Sarvesh SS Rawat , Sanklan Saxena