Detecting stuffing of a {User's} credentials at her own accounts
… They point out that this assumption “is of course not true for an attacker exploiting password
re-use or other non-guessing approach”, which is our interest here. Schechter et al. [57] …
re-use or other non-guessing approach”, which is our interest here. Schechter et al. [57] …
Might I get pwned: A second generation compromised credential checking service
… To prevent users from reusing their password across web services, … password in multiple
participating web services. The efficacy of this protocol relies on the coordination of the web …
participating web services. The efficacy of this protocol relies on the coordination of the web …
Protocols for checking compromised credentials
… password or of the hash of their username-password pair. This leaks some information about
user passwords… Similarly, if an attacker can track the interaction history between a user and …
user passwords… Similarly, if an attacker can track the interaction history between a user and …
{Pass2Edit}: A {Multi-Step} Generative Model for Guessing Edited Passwords
… operations but also the edited passwords (ie, modified/reused passwords). Our PASS2EDIT
… ’ vulnerable behaviors of password reuse but also choosing popular passwords, and is very …
… ’ vulnerable behaviors of password reuse but also choosing popular passwords, and is very …
Gazemeter: Exploring the usage of gaze behaviour to enhance password assessments
… We specifically focused on cases where people created new passwords. In reality, password
reuse is a common strategy to cope … The tangled web of password reuse.. In NDSS, Vol. 14. …
reuse is a common strategy to cope … The tangled web of password reuse.. In NDSS, Vol. 14. …
More than just good passwords? A study on usability and security perceptions of risk-based authentication
… (2FA, RBA, password-only) fits best to the application scenario of their corresponding
website. Moreover, our work helps developers to understand how to strengthen password-based …
website. Moreover, our work helps developers to understand how to strengthen password-based …
PII-PSM: A New Targeted Password Strength Meter Using Personally Identifiable Information
Q Dong, D Wang, Y Shen, C Jia - … Conference on Security and Privacy in …, 2022 - Springer
… For example, fuzzyPSM [21] can accurately capture users’ password reuse behaviors
and has a built-in base dictionary containing popular passwords. However, to the best of our …
and has a built-in base dictionary containing popular passwords. However, to the best of our …
Decryption and Password Enforcing
J Kävrestad, J Kävrestad - … of Digital Forensics: Theory, Methods, and Real …, 2020 - Springer
… of password theory is password reuse. An average user will have many different accounts
and passwords for … , users tend to reuse passwords, or parts of passwords, over many different …
and passwords for … , users tend to reuse passwords, or parts of passwords, over many different …
{Araña}: Discovering and Characterizing Password Guessing Attacks in Practice
… -password pair repeatedly, we removed all L sets reusing the same incorrect username-…
similar passwords across web services [14], we can still detect these breached passwords not …
similar passwords across web services [14], we can still detect these breached passwords not …
A Novel Metric for Password Security Risk Against Dictionary Attacks
B Le Thanh Thai, H Tanaka - International Conference on Information …, 2022 - Springer
… Furthermore, passwords are often reused, which is also a … leaked passwords to create datasets
to evaluate the password … of self-information of the target passwords and use this value to …
to evaluate the password … of self-information of the target passwords and use this value to …