English
Related papers

Related papers: Bernoulli honeywords

200 papers

Honeywords are decoy passwords that can be added to a credential database; if a login attempt uses a honeyword, this indicates that the site's credential database has been leaked. In this paper we explore the basic requirements for…

Cryptography and Security · Computer Science 2024-03-07 Zonghao Huang , Lujo Bauer , Michael K. Reiter

Decoy passwords, or ``honeywords,'' alert a site to its breach if entered in a login attempt on that site. However, an attacker can identify a user-chosen password from among the decoys, without alerting the site to its breach, via…

Cryptography and Security · Computer Science 2026-05-14 Mridu Nanda , Michael K. Reiter

Introduced by Juels and Rivest in 2013, Honeywords, which are decoy passwords stored alongside a real password, appear to be a proactive method to help detect password credentials misuse. However, despite over a decade of research, this…

Cryptography and Security · Computer Science 2025-10-28 Sudiksha Das , Ashish Kundu

Honeywords are fictitious passwords inserted into databases in order to identify password breaches. The major difficulty is how to produce honeywords that are difficult to distinguish from real passwords. Although the generation of…

Artificial Intelligence · Computer Science 2022-08-24 Fangyi Yu , Miguel Vargas Martin

"Honeywords" have emerged as a promising defense mechanism for detecting data breaches and foiling offline dictionary attacks (ODA) by deceiving attackers with false passwords. In this paper, we propose PassFilter, a novel deep learning…

Cryptography and Security · Computer Science 2024-07-25 Jimmy Dani , Brandon McCulloh , Nitesh Saxena

Honeyword is a representative "honey" technique that employs decoy objects to mislead adversaries and protect the real ones. To assess the security of a Honeyword system, two metrics--flatness and success-number--have been proposed and…

Cryptography and Security · Computer Science 2025-04-22 Pengcheng Su , Haibo Cheng , Wenting Li , Ping Wang

The majority of systems rely on user authentication on passwords, but passwords have so many weaknesses and widespread use that easily raise significant security concerns, regardless of their encrypted form. Users hold the same password for…

Cryptography and Security · Computer Science 2021-01-22 Vassilis Papaspirou , Leandros Maglaras , Mohamed Amine Ferrag , Ioanna Kantzavelou , Helge Janicke , Christos Douligeris

Using password based authentication technique, a system maintains the login credentials (username, password) of the users in a password file. Once the password file is compromised, an adversary obtains both the login credentials. With the…

Cryptography and Security · Computer Science 2017-05-31 Nilesh Chakraborty , Samrat Mondal

Inverting the hash values by performing brute force computation is one of the latest security threats on password based authentication technique. New technologies are being developed for brute force computation and these increase the…

Cryptography and Security · Computer Science 2015-09-22 Nilesh Chakraborty , Samrat Mondal

Honey Encryption is an approach to encrypt the messages using low min-entropy keys, such as weak passwords, OTPs, PINs, credit card numbers. The ciphertext is produces, when decrypted with any number of incorrect keys, produces…

Cryptography and Security · Computer Science 2020-11-02 Kunjal Panchal

Honeypots are decoy systems that lure attackers by presenting them with a seemingly vulnerable system. They provide an early detection mechanism as well as a method for learning how adversaries work and think. However, over the last years,…

Cryptography and Security · Computer Science 2021-09-23 Shreyas Srinivasa , Jens Myrup Pedersen , Emmanouil Vasilomanolakis

Modern trend sees a lot usage of \textit{honeywords} (or fake password) for protecting the original passwords in the password file. However, the usage of \textit{honeywords} has strongly been criticized under the different security and…

Cryptography and Security · Computer Science 2017-08-07 Nilesh Chakraborty , Shreya Singh , Samrat Mondal

Passwords should be easy to remember, yet expiration policies mandate their frequent change. Caught in the crossfire between these conflicting requirements, users often adopt creative methods to perform slight variations over time. While…

Cryptography and Security · Computer Science 2020-09-18 Davide Berardi , Franco Callegati , Andrea Melis , Marco Prandini

Keyloggers remain a serious threat in modern cybersecurity, silently capturing user keystrokes to steal credentials and sensitive information. Traditional defenses focus mainly on detection and removal, which can halt malicious activity but…

Cryptography and Security · Computer Science 2025-08-07 Md Sajidul Islam Sajid , Shihab Ahmed , Ryan Sosnoski

Historically, enterprise network reconnaissance is an active process, often involving port scanning. However, as routers and switches become more complex, they also become more susceptible to compromise. From this vantage point, an attacker…

Cryptography and Security · Computer Science 2020-08-10 Iffat Anjum , Mu Zhu , Isaac Polinsky , William Enck , Michael K. Reiter , Munindar Singh

Password security hinges on an in-depth understanding of the techniques adopted by attackers. Unfortunately, real-world adversaries resort to pragmatic guessing strategies such as dictionary attacks that are inherently difficult to model in…

Cryptography and Security · Computer Science 2021-03-01 Dario Pasquini , Marco Cianfriglia , Giuseppe Ateniese , Massimo Bernaschi

This paper explores deploying a cyber honeypot system to learn how cyber defenders can use a honeypot system as a deception mechanism to gather intelligence. Defenders can gather intelligence about an attacker such as the autonomous system…

Cryptography and Security · Computer Science 2023-01-03 Daniel Zielinski , Hisham A. Kholidy

The security of passwords is dependent on a thorough understanding of the strategies used by attackers. Unfortunately, real-world adversaries use pragmatic guessing tactics like dictionary attacks, which are difficult to simulate in…

Cryptography and Security · Computer Science 2022-12-13 Fangyi Yu

A honeypot, which is a kind of deception strategy, has been widely used for at least 20 years to mitigate cyber threats. Decision-makers have believed that honeypot strategies are intuitive and effective, since honeypots have successfully…

Cryptography and Security · Computer Science 2022-11-01 Suhyeon Lee , Kwangsoo Cho , Seungjoo Kim

Vulnerabilities in password managers are unremitting because current designs provide large attack surfaces, both at the client and server. We describe and evaluate Horcrux, a password manager that is designed holistically to minimize and…

Cryptography and Security · Computer Science 2017-10-11 Hannah Li , David Evans
‹ Prev 1 2 3 10 Next ›