English
Related papers

Related papers: A Survey on Password Guessing

200 papers

Passwords are the most common mechanism for authenticating users online. However, studies have shown that users find it difficult to create and manage secure passwords. To that end, passphrases are often recommended as a usable alternative…

Cryptography and Security · Computer Science 2023-03-17 Avirup Mukherjee , Kousshik Murali , Shivam Kumar Jha , Niloy Ganguly , Rahul Chatterjee , Mainack Mondal

Text-based secrets are still the most commonly used authentication mechanism in information systems. IT managers must strike a balance between security and memorability while developing password policies. Initially introduced as more secure…

Cryptography and Security · Computer Science 2021-12-08 Noopa Jagadeesh , Miguel Vargas Martin

Text password has long been the dominant user authentication technique and is used by large numbers of Internet services. If they follow recommended practice, users are faced with the almost insuperable problem of generating and managing a…

Cryptography and Security · Computer Science 2017-03-09 Fatma Al Maqbali , Chris J Mitchell

Due to the prevalence of online services in modern society, such as internet banking and social media, it is important for users to have an understanding of basic security measures in order to keep themselves safe online. However, users…

Human-Computer Interaction · Computer Science 2019-07-24 Sam Scholefield , Lynsay A. Shepherd

Password managers encourage users to generate passwords to improve their security. However, research has shown that users avoid generating passwords, often giving the rationale that it is difficult to enter generated passwords on devices…

Human-Computer Interaction · Computer Science 2024-09-06 John Sadik , Scott Ruoti

Passphrases offer an alternative to traditional passwords which aim to be stronger and more memorable. However, users tend to choose short passphrases with predictable patterns that may reduce the security they offer. To explore the…

Cryptography and Security · Computer Science 2021-10-19 Christopher Bonk , Zach Parish , Julie Thorpe , Amirali Salehi-Abari

We present an in-depth analysis on the strength of the almost 10,000 passwords from users of an instant messaging server in Italy. We estimate the strength of those passwords, and compare the effectiveness of state-of-the-art attack methods…

Cryptography and Security · Computer Science 2009-07-21 Matteo Dell'Amico , Pietro Michiardi , Yves Roudier

User authentication is one of the most important part of information security. Computer security most commonly depends on passwords to authenticate human users. Password authentication systems will be either been usable but not secure, or…

Cryptography and Security · Computer Science 2013-11-19 Gloriya Mathew , Shiney Thomas

Password updates are a critical account security measure and an essential part of the password lifecycle. Service providers and common security recommendations advise users to update their passwords in response to incidents or as a critical…

Cryptography and Security · Computer Science 2025-11-17 Alexander Krause , Jacques Suray , Lea Schmüser , Marten Oltrogge , Oliver Wiese , Maximilian Golla , Sascha Fahl

User-chosen passwords remain essential to online security, and yet people continue to choose weak, insecure passwords. In this work, we investigate whether prospect theory, a behavioral model of how people evaluate risk, can provide…

Cryptography and Security · Computer Science 2022-01-06 Eryn Ma , Summer Hasama , Eshaan Lumba , Eleanor Birrell

Since the demise of the password was predicted in 2004, different attempts in industry and academia have been made to create an alternative for the use of passwords in authentication, without compromising on security and user experience.…

Cryptography and Security · Computer Science 2023-12-06 Tunde Oduguwa , Abdullahi Arabo

Users often choose passwords that are easy to remember but also easy to guess by attackers. Recent studies have revealed the vulnerability of textual passwords to shoulder surfing and keystroke loggers. It remains a critical challenge in…

Human-Computer Interaction · Computer Science 2014-07-29 Mahdi Nasrullah Al-Ameen , S M Taiabul Haque , Matthew Wright

Password advice is constantly circulated by standards agencies, companies, websites and specialists. But there appears to be great diversity in terms of the advice that is given. Users have noticed that different websites are enforcing…

Cryptography and Security · Computer Science 2018-09-10 Hazel Murray , David Malone

Before deploying a new user authentication scheme, it is critical to subject the scheme to comprehensive study. Few works, however, have undertaken such a study. Recently, Thorpe et al. proposed GeoPass, the most promising of a class of…

Human-Computer Interaction · Computer Science 2014-08-14 Mahdi Nasrullah Al-Ameen , Matthew Wright

We introduce quantitative usability and security models to guide the design of password management schemes --- systematic strategies to help users create and remember multiple passwords. In the same way that security proofs in cryptography…

Cryptography and Security · Computer Science 2013-09-11 Jeremiah Blocki , Manuel Blum , Anupam Datta

System passwords serve as critical credentials for user authentication and access control when logging into operating systems or applications. Upon entering a valid password, users pass verification to access system resources and execute…

Cryptography and Security · Computer Science 2026-02-03 Chaofang Shi , Zhongwen Li , Xiaoqi Li

Researchers have extensively explored how password creation policies influence the security and usability of user-chosen passwords, producing evidence-based policy guidelines. However, for web authentication to improve in practice, websites…

Cryptography and Security · Computer Science 2023-09-08 Suood Alroomi , Frank Li

Some protected password change protocols were proposed. However, the previous protocols were easily vulnerable to several attacks such as denial of service, password guessing, stolen-verifier and impersonation atacks etc. Recently, Chang et…

Cryptography and Security · Computer Science 2007-05-23 Ren-Chiun Wang , Chou-Chen Yang , Kun-Ru Mo

Nowadays, user authentication is one of the important topics in information security. Strong textbased password schemes could provide with certain degree of security. However, the fact that strong passwords are difficult to memorize often…

Cryptography and Security · Computer Science 2009-12-08 Farnaz Towhidi , Maslin Masrom

Security questions are one of the mechanisms used to recover passwords. Strong answers to security questions (i.e. high entropy) are hard for attackers to guess or obtain using social engineering techniques (e.g. monitoring of social…

Cryptography and Security · Computer Science 2017-09-26 Nicholas Micallef , Nalin Asanka Gamagedara Arachchilage