English
Related papers

Related papers: Long Passphrases: Potentials and Limits

200 papers

Security questions are one of the mechanisms used to recover passwords. Strong answers to security questions (i.e. high entropy) are hard for attackers to guess or obtain using social engineering techniques (e.g. monitoring of social…

Cryptography and Security · Computer Science 2017-09-26 Nicholas Micallef , Nalin Asanka Gamagedara Arachchilage

Passwords are the primary authentication method online, but even with password policies and meters, users still find it hard to create strong and memorable passwords. In this paper, we propose DPAR: a Data-driven PAssword Recommendation…

Cryptography and Security · Computer Science 2024-06-06 Assaf Morag , Liron David , Eran Toch , Avishai Wool

This paper considers password generators, i.e. systems designed to generate site-specific passwords on demand. Such systems are an alternative to password managers. Over the last 15 years a range of password generator systems have been…

Cryptography and Security · Computer Science 2016-07-18 Fatma AL Maqbali , Chris J Mitchell

Reusing passwords across multiple websites is a common practice that compromises security. Recently, Blum and Vempala have proposed password strategies to help people calculate, in their heads, passwords for different sites without…

Human-Computer Interaction · Computer Science 2018-05-28 Samira Samadi , Santosh Vempala , Adam Tauman Kalai

Password managers are important tools that enable us to use stronger passwords, freeing us from the cognitive burden of remembering them. Despite this, there are still many users who do not fully trust password managers. In this paper, we…

Cryptography and Security · Computer Science 2021-06-22 Miguel Grilo , João F. Ferreira , José Bacelar Almeida

Password guessers are instrumental for assessing the strength of passwords. Despite their diversity and abundance, little is known about how different guessers compare to each other. We perform in-depth analyses and comparisons of the…

Cryptography and Security · Computer Science 2021-02-23 Zach Parish , Connor Cushing , Shourya Aggarwal , Amirali Salehi-Abari , Julie Thorpe

We present an in-depth analysis on the strength of the almost 10,000 passwords from users of an instant messaging server in Italy. We estimate the strength of those passwords, and compare the effectiveness of state-of-the-art attack methods…

Cryptography and Security · Computer Science 2009-07-21 Matteo Dell'Amico , Pietro Michiardi , Yves Roudier

It is well-known that most users do not read privacy policies, but almost all users tick the box to agree with them. In this paper, we analyze the 25-year history of privacy policies using methods from transparency research, machine…

Cryptography and Security · Computer Science 2022-01-24 Isabel Wagner

The aim of this work is to study the evolution of password selection among users. We investigate whether users follow best practices when selecting passwords and identify areas in need of improvement. Four distinct publicly-available…

Cryptography and Security · Computer Science 2018-04-12 Theodosis Mourouzis , Kyriacos E. Pavlou , Stylianos Kampakis

On the premise that we are using passwords composed of multiple English words, we argue that using syntactically correct passphrases has no significant impact on the security in comparison to randomly arranged collections of words. We only…

Cryptography and Security · Computer Science 2016-03-22 Eugene Panferov

Password-based authentication faces various security and usability issues. Password managers help alleviate some of these issues by enabling users to manage their passwords effectively. However, malicious client-side scripts and browser…

Cryptography and Security · Computer Science 2024-02-12 Anuj Gautam , Tarun Kumar Yadav , Kent Seamons , Scott Ruoti

Passwords, a first line of defense against unauthorized access, must be secure and memorable. However, people often struggle to create secure passwords they can recall. To address this problem, we design Password inspiration by eXploring…

Cryptography and Security · Computer Science 2025-05-01 Shengqian Wang , Amirali Salehi-Abari , Julie Thorpe

Usable and secure authentication on the web and beyond is mission-critical. While password-based authentication is still widespread, users have trouble dealing with potentially hundreds of online accounts and their passwords. Alternatives…

Cryptography and Security · Computer Science 2023-11-28 Jan H. Klemmer , Marco Gutfleisch , Christian Stransky , Yasemin Acar , M. Angela Sasse , Sascha Fahl

Password managers encourage users to generate passwords to improve their security. However, research has shown that users avoid generating passwords, often giving the rationale that it is difficult to enter generated passwords on devices…

Human-Computer Interaction · Computer Science 2024-09-06 John Sadik , Scott Ruoti

Some protected password change protocols were proposed. However, the previous protocols were easily vulnerable to several attacks such as denial of service, password guessing, stolen-verifier and impersonation atacks etc. Recently, Chang et…

Cryptography and Security · Computer Science 2007-05-23 Ren-Chiun Wang , Chou-Chen Yang , Kun-Ru Mo

Cybersecurity incidents such as data breaches have become increasingly common, affecting millions of users and organizations worldwide. The complexity of cybersecurity threats challenges the effectiveness of existing security communication…

Cryptography and Security · Computer Science 2025-04-04 Carolina Carreira , Alexandra Mendes , João F. Ferreira , Nicolas Christin

The new information and communication technology providers collect increasing amounts of personal data, a lot of which is user generated. Unless use policies are privacy-friendly, this leaves users vulnerable to privacy risks such as…

Computers and Society · Computer Science 2020-05-20 Jana Korunovska , Bernadette Kamleitner , Sarah Spiekermann

We present a framework by which websites can coordinate to make it difficult for users to set similar passwords at these websites, in an effort to break the culture of password reuse on the web today. Though the design of such a framework…

Cryptography and Security · Computer Science 2021-03-05 Ke Coby Wang , Michael K. Reiter

It is practically impossible for users to memorize a large portfolio of strong and individual passwords for their online accounts. A solution is to generate passwords randomly and store them. Yet, storing passwords instead of memorizing…

Cryptography and Security · Computer Science 2017-04-27 Moritz Horsch , Johannes Braun , Dominique Metz , Johannes Buchmann

Formal verification has recently been increasingly used to prove the correctness and security of many applications. It is attractive because it can prove the absence of errors with the same certainty as mathematicians proving theorems.…

Cryptography and Security · Computer Science 2025-09-09 Carolina Carreira , João F. Ferreira , Alexandra Mendes , Nicolas Christin