English
Related papers

Related papers: Might I Get Pwned: A Second Generation Compromised…

200 papers

To prevent credential stuffing attacks, industry best practice now proactively checks if user credentials are present in known data breaches. Recently, some web services, such as HaveIBeenPwned (HIBP) and Google Password Checkup (GPC), have…

Cryptography and Security · Computer Science 2019-09-05 Lucy Li , Bijeeta Pal , Junade Ali , Nick Sullivan , Rahul Chatterjee , Thomas Ristenpart

We propose a framework by which websites can coordinate to detect credential stuffing on individual user accounts. Our detection algorithm teases apart normal login behavior (involving password reuse, entering correct passwords into the…

Cryptography and Security · Computer Science 2021-03-05 Ke Coby Wang , Michael K. Reiter

In October 2023, 23andMe, a prominent provider of personal genetic testing, ancestry, and health information services, suffered a significant data breach orchestrated by a cybercriminal known as ``Golem.'' Initially, approximately 14,000…

Cryptography and Security · Computer Science 2025-02-07 Ryan Holthouse , Serena Owens , Suman Bhunia

Security and privacy have been considered a corner stone in all electronic transactions nowadays. People are becoming very cautious when conducting electronic transactions over internet. One of the major issues that frightens them is…

Cryptography and Security · Computer Science 2019-10-23 Belal Amro , Ahmed Abu Sabha , Ammar Qunaibi , Ibraheem Najjar

Decoy passwords, or ``honeywords,'' alert a site to its breach if entered in a login attempt on that site. However, an attacker can identify a user-chosen password from among the decoys, without alerting the site to its breach, via…

Cryptography and Security · Computer Science 2026-05-14 Mridu Nanda , Michael K. Reiter

Leaked passwords from data breaches can pose a serious threat to users if the password is reused elsewhere. With more online services getting breached today, there is still a lack of large-scale quantitative understanding of the risks of…

Cryptography and Security · Computer Science 2017-06-09 Chun Wang , Steve T. K. Jan , Hang Hu , Gang Wang

The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, and edge computing. This also enables more and more network enterprises to provide…

Cryptography and Security · Computer Science 2021-02-01 Jinyong Chen , Reiner Dojen , Anca Jurcut

The majority of systems rely on user authentication on passwords, but passwords have so many weaknesses and widespread use that easily raise significant security concerns, regardless of their encrypted form. Users hold the same password for…

Cryptography and Security · Computer Science 2021-01-22 Vassilis Papaspirou , Leandros Maglaras , Mohamed Amine Ferrag , Ioanna Kantzavelou , Helge Janicke , Christos Douligeris

Today, Online Social Networks such as Facebook, LinkedIn and Twitter are the most popular platforms on the Internet, on which millions of users register to share personal information with their friends. A large amount of data, social links…

Cryptography and Security · Computer Science 2014-07-01 Morteza Yousefi Kharaji , Fatemeh Salehi Rizi , Mohammad Reza Khayyambashi

Nowadays, Online Social Networks are popular websites on the internet, which millions of users register on and share their own personal information with others. Privacy threats and disclosing personal information are the most important…

Social and Information Networks · Computer Science 2014-03-11 Morteza Yousefi Kharaji , Fatemeh Salehi Rizi

In this work we analyse five popular commercial password managers for security vulnerabilities. Our analysis is twofold. First, we compile a list of previously disclosed vulnerabilities through a comprehensive review of the academic and…

Cryptography and Security · Computer Science 2020-03-18 Michael Carr , Siamak F. Shahandashti

Some protected password change protocols were proposed. However, the previous protocols were easily vulnerable to several attacks such as denial of service, password guessing, stolen-verifier and impersonation atacks etc. Recently, Chang et…

Cryptography and Security · Computer Science 2007-05-23 Ren-Chiun Wang , Chou-Chen Yang , Kun-Ru Mo

Credential theft and remote attacks are the most serious threats to user authentication mechanisms. The crux of these problems is that we cannot control such behaviors. However, if a password does not contain user secrets, stealing it is…

Cryptography and Security · Computer Science 2024-06-03 Suyun Borjigin

This work focuses on the problem of detection and prevention of stolen and misused secrets (such as private keys) for authentication toward centralized services. We propose a solution for such a problem based on the blockchain-based…

Cryptography and Security · Computer Science 2022-11-08 Jozef Drga , Ivan Homoliak , Juraj Vančo , Martin Perešíni , Petr Hanáček

Passwords should be easy to remember, yet expiration policies mandate their frequent change. Caught in the crossfire between these conflicting requirements, users often adopt creative methods to perform slight variations over time. While…

Cryptography and Security · Computer Science 2020-09-18 Davide Berardi , Franco Callegati , Andrea Melis , Marco Prandini

Considering computer systems, security is the major concern with usability. Security policies need to be developed to protect information from unauthorized access. Passwords and secrete codes used between users and information systems for…

Cryptography and Security · Computer Science 2014-02-27 Sharayu A. Aghav , RajneeshKaur Bedi

Based on the analysis of $6$-digit one-time passwords(OTP) generated by DIGIPASS GO3 we were able to reconstruct the synchronisation system of the token, the OTP generating algorithm and the verification protocol in details essential for an…

Cryptography and Security · Computer Science 2015-06-23 Igor Semaev

In the face of large-scale automated social engineering attacks to large online services, fast detection and remediation of compromised accounts are crucial to limit the spread of new attacks and to mitigate the overall damage to users,…

Cryptography and Security · Computer Science 2018-01-29 Hassan Halawa , Matei Ripeanu , Konstantin Beznosov , Baris Coskun , Meizhu Liu

Passwords are undoubtedly the most dominant user authentication mechanism on the web today. Although they are inexpensive and easy-to-use, security concerns of password-based authentication are serious. Phishing and theft of password…

Cryptography and Security · Computer Science 2018-04-24 Klaudia Krawiecka , Arseny Kurnikov , Andrew Paverd , Mohammad Mannan , N. Asokan

Approximately 61% of cyber attacks involve adversaries in possession of valid credentials. Attackers acquire credentials through various means, including phishing, dark web data drops, password reuse, etc. Multi-factor authentication (MFA)…

Cryptography and Security · Computer Science 2024-08-31 Sam Hays , Michael Sandborn , Jules White
‹ Prev 1 2 3 10 Next ›