English
Related papers

Related papers: System Password Security: Attack and Defense Mecha…

200 papers

Research in cybersecurity may seem reactive, specific, ephemeral, and indeed ineffective. Despite decades of innovation in defense, even the most critical software systems turn out to be vulnerable to attacks. Time and again. Offense and…

Cryptography and Security · Computer Science 2024-09-04 Marcel Böhme

This work explores injection attacks against password managers. In this setting, the adversary (only) controls their own application client, which they use to "inject" chosen payloads to a victim's client via, for example, sharing…

Cryptography and Security · Computer Science 2024-08-14 Andrés Fábrega , Armin Namavari , Rachit Agarwal , Ben Nassi , Thomas Ristenpart

Password security plays a crucial role in cybersecurity, yet traditional password strength meters, which rely on static rules like character-type requirements, often fail. Such methods are easily bypassed by common password patterns (e.g.,…

Cryptography and Security · Computer Science 2025-11-14 Muhammed El Mustaqeem Mazelan , Noor Hazlina Abdul , Nouar AlDahoul

This article provides a tool for analyzing mechanisms that aim to achieve resilience against stealthy, or undetectable, attacks on cyber-physical systems (CPSs). We consider attackers who are able to corrupt all of the inputs and outputs of…

Systems and Control · Electrical Eng. & Systems 2022-05-03 Paul Griffioen , Bruce H. Krogh , Bruno Sinopoli

Modern authentication systems store hashed values of passwords of users using cryptographic hash functions. Therefore, to crack a password an attacker needs to guess a hash function input that is mapped to the hashed value, as opposed to…

Cryptography and Security · Computer Science 2019-11-28 Yair Yona , Suhas Diggavi

Risk-based authentication (RBA) aims to protect users against attacks involving stolen passwords. RBA monitors features during login, and requests re-authentication when feature values widely differ from previously observed ones. It is…

Cryptography and Security · Computer Science 2022-11-11 Stephan Wiefling , Paul René Jørgensen , Sigurd Thunem , Luigi Lo Iacono

Protecting data from malicious computer users continues to grow in importance. Whether preventing unauthorized access to personal photographs, ensuring compliance with federal regulations, or ensuring the integrity of corporate secrets, all…

Operating Systems · Computer Science 2007-05-23 Paul Stanton

The techniques used in modern attacks have become an important factor for investigation. As we advance further into the digital age, cyber attackers are employing increasingly sophisticated and highly threatening methods. These attacks…

Cryptography and Security · Computer Science 2026-01-21 Alexander Shim

Approximately 61% of cyber attacks involve adversaries in possession of valid credentials. Attackers acquire credentials through various means, including phishing, dark web data drops, password reuse, etc. Multi-factor authentication (MFA)…

Cryptography and Security · Computer Science 2024-08-31 Sam Hays , Michael Sandborn , Jules White

Security patterns are a means to encapsulate and communicate proven security solutions. They are well-established approaches for introducing security into the software development process. Our objective is to explore the research efforts on…

Software Engineering · Computer Science 2018-12-03 Abbas Javan Jafari , Abbas Rasoolzadegan

Security attacks are growing in an exponential manner and their impact on existing systems is seriously high and can lead to dangerous consequences. However, in order to reduce the effect of these attacks, penetration tests are highly…

Cryptography and Security · Computer Science 2021-03-30 Jean-Paul A. Yaacoub , Hassan N. Noura , Ola Salman , Ali Chehab

Since the introduction of bcrypt in 1999, adaptive password hashing functions, whereby brute-force resistance increases symmetrically with computational difficulty for legitimate users, have been our most powerful post-breach countermeasure…

Cryptography and Security · Computer Science 2023-08-31 Vivek Nair , Dawn Song

In recent years, numerous incidents involving the leakage of website accounts and text passwords (referred to as passwords) have raised significant concerns regarding the potential exposure of personal information. These events underscore…

Cryptography and Security · Computer Science 2026-04-07 Abel C. H. Chen

With the exponential rise in the use of cloud services, smart devices, and IoT devices, advanced cyber attacks have become increasingly sophisticated and ubiquitous. Furthermore, the rapid evolution of computing architectures and memory…

Cryptography and Security · Computer Science 2025-01-09 Jyotiprakash Mishra , Sanjay K. Sahay

Reusing passwords across multiple websites is a common practice that compromises security. Recently, Blum and Vempala have proposed password strategies to help people calculate, in their heads, passwords for different sites without…

Human-Computer Interaction · Computer Science 2018-05-28 Samira Samadi , Santosh Vempala , Adam Tauman Kalai

Web password recovery, enabling a user who forgets their password to re-establish a shared secret with a website, is very widely implemented. However, use of such a fall-back system brings with it additional vulnerabilities to user…

Cryptography and Security · Computer Science 2018-01-31 Fatma Al Maqbali , Chris J Mitchell

Nowadays, cyberattacks are growing exponentially, causing havoc to Internet users. In particular, authentication attacks constitute the major attack vector where intruders impersonate legitimate users to maliciously access systems or…

Cryptography and Security · Computer Science 2025-06-18 Ang Kok Wee , Eyasu Getahun Chekole , Jianying Zhou

Despite their well-known security problems, passwords are still the incumbent authentication method for virtually all online services. To remedy the situation, end-users are very often referred to password managers as a solution to the…

Cryptography and Security · Computer Science 2017-12-27 Sanam Ghorbani Lyastani , Michael Schilling , Sascha Fahl , Sven Bugiel , Michael Backes

Even though passwords are the most convenient means of authentication, they bring along themselves the threat of dictionary attacks. Dictionary attacks may be of two kinds: online and offline. While offline dictionary attacks are possible…

Cryptography and Security · Computer Science 2011-11-17 Vipul Goyal , Virendra Kumar , Mayank Singh , Ajith Abraham , Sugata Sanyal

Researchers have extensively explored how password creation policies influence the security and usability of user-chosen passwords, producing evidence-based policy guidelines. However, for web authentication to improve in practice, websites…

Cryptography and Security · Computer Science 2023-09-08 Suood Alroomi , Frank Li