English
Related papers

Related papers: MFDPG: Multi-Factor Authenticated Password Managem…

200 papers

In this work we analyse five popular commercial password managers for security vulnerabilities. Our analysis is twofold. First, we compile a list of previously disclosed vulnerabilities through a comprehensive review of the academic and…

Cryptography and Security · Computer Science 2020-03-18 Michael Carr , Siamak F. Shahandashti

User authentication is one of the most important part of information security. Computer security most commonly depends on passwords to authenticate human users. Password authentication systems will be either been usable but not secure, or…

Cryptography and Security · Computer Science 2013-11-19 Gloriya Mathew , Shiney Thomas

Passwords are the primary authentication method online, but even with password policies and meters, users still find it hard to create strong and memorable passwords. In this paper, we propose DPAR: a Data-driven PAssword Recommendation…

Cryptography and Security · Computer Science 2024-06-06 Assaf Morag , Liron David , Eran Toch , Avishai Wool

Hacking password databases is one of the most frequently reported cyber-attacks. Current password management systems are based on known and public algorithms. Also, many studies have shown that users select weak passwords. Thus, with the…

Cryptography and Security · Computer Science 2020-12-08 Mohammad Mohammadinodoushan

Cloud computing is drastically growing technology which provides an on-demand software, hardware, infrastructure and data storage as services. This technology is used worldwide to improve the business infrastructure and performance.…

Cryptography and Security · Computer Science 2012-07-17 Dinesha H. A. , V. K. Agrawa

The use of passwords and the need to protect passwords are not going away. The majority of websites that require authentication continue to support password authentication. Even high-security applications such as Internet Banking portals,…

Networking and Internet Architecture · Computer Science 2020-11-13 Teik Guan Tan , Pawel Szalachowski , Jianying Zhou

The feature diversity of different web systems in page elements, submission contents and return information makes it difficult to detect weak password automatically. To solve this problem, multi-factor correlation detection method as…

Cryptography and Security · Computer Science 2022-10-27 Xiang Long , Yan Huang , Zhendong Liu , Lansheng Han , Haili Sun , Jingyuan He

Nowadays, cyberattacks are growing exponentially, causing havoc to Internet users. In particular, authentication attacks constitute the major attack vector where intruders impersonate legitimate users to maliciously access systems or…

Cryptography and Security · Computer Science 2025-06-18 Ang Kok Wee , Eyasu Getahun Chekole , Jianying Zhou

The choice of password composition policy to enforce on a password-protected system represents a critical security decision, and has been shown to significantly affect the vulnerability of user-chosen passwords to guessing attacks. In…

Cryptography and Security · Computer Science 2024-03-18 Saul Johnson , João F. Ferreira , Alexandra Mendes , Julien Cordry

A password composition policy restricts the space of allowable passwords to eliminate weak passwords that are vulnerable to statistical guessing attacks. Usability studies have demonstrated that existing password composition policies can…

Cryptography and Security · Computer Science 2013-02-26 Jeremiah Blocki , Saranga Komanduri , Ariel Procaccia , Or Sheffet

Passwordless authentication has revolutionized the way we authenticate across various websites and services. FIDO2 Passkeys, is one of the most-widely adopted standards of passwordless authentication that promises phishing-resistance.…

Cryptography and Security · Computer Science 2025-12-29 Aditya Mitra , Sibi Chakkaravarthy Sethuraman

System passwords serve as critical credentials for user authentication and access control when logging into operating systems or applications. Upon entering a valid password, users pass verification to access system resources and execute…

Cryptography and Security · Computer Science 2026-02-03 Chaofang Shi , Zhongwen Li , Xiaoqi Li

The existing authentication system has two entry points (i.e., username and password fields) to interact with the outside, but neither of them has a gatekeeper, making the system vulnerable to cyberattacks. In order to ensure the…

Cryptography and Security · Computer Science 2024-09-26 Suyun Borjigin

Passwords have been long used as the primary authentication method for web services. Weak passwords used by the users have prompted the use of password management tools and two-factor authentication to ensure better account security. While…

Cryptography and Security · Computer Science 2025-01-27 Pratyush Choudhary , Subhrajit Das , Mukul Paras Potta , Prasuj Das , Abhishek Bichhawat

Existing fuzzy extractors and similar methods provide an effective way for extracting a secret key from a user's biometric data, but are susceptible to impersonation attack: once a valid biometric sample is captured, the scheme is no longer…

Cryptography and Security · Computer Science 2024-05-21 Hong Yen Tran , Jiankun Hu , Wen Hu

Formal verification has recently been increasingly used to prove the correctness and security of many applications. It is attractive because it can prove the absence of errors with the same certainty as mathematicians proving theorems.…

Cryptography and Security · Computer Science 2025-09-09 Carolina Carreira , João F. Ferreira , Alexandra Mendes , Nicolas Christin

Password security has been compelled to evolve in response to the growing computational capabilities of modern systems. However, this evolution has often resulted in increasingly complex security practices that alienate users, leading to…

Cryptography and Security · Computer Science 2025-10-14 Tonmoy Ghosh

User authentication can rely on various factors (e.g., a password, a cryptographic key, biometric data) but should not reveal any secret or private information. This seemingly paradoxical feat can be achieved through zero-knowledge proofs.…

Cryptography and Security · Computer Science 2020-09-15 Laurent Chuat , Sarah Plocher , Adrian Perrig

Vulnerabilities in password managers are unremitting because current designs provide large attack surfaces, both at the client and server. We describe and evaluate Horcrux, a password manager that is designed holistically to minimize and…

Cryptography and Security · Computer Science 2017-10-11 Hannah Li , David Evans

Among the various means of available resource protection including biometrics, password based system is most simple, user friendly, cost effective and commonly used. But this method having high sensitivity with attacks. Most of the advanced…

Cryptography and Security · Computer Science 2009-10-13 Manoj Kumar Singh