Chunk-level password guessing: Towards modeling refined password composition representations
Textual password security hinges on the guessing models adopted by attackers, in which a
suitable password composition representation is an influential factor. Unfortunately, the …
suitable password composition representation is an influential factor. Unfortunately, the …
Code coverage and test suite effectiveness: Empirical study with real bugs in large systems
During software maintenance, testing is a crucial activity to ensure the quality of program
code as it evolves over time. With the increasing size and complexity of software, adequate …
code as it evolves over time. With the increasing size and complexity of software, adequate …
A {Large-Scale} Empirical Analysis of Chinese Web Passwords
Users speaking different languages may prefer different patterns in creating their passwords,
and thus knowledge on English passwords cannot help to guess passwords from other …
and thus knowledge on English passwords cannot help to guess passwords from other …
Is this really you? An empirical study on risk-based authentication applied in the wild
Risk-based authentication (RBA) is an adaptive security measure to strengthen password-
based authentication. RBA monitors additional implicit features during password entry such …
based authentication. RBA monitors additional implicit features during password entry such …
" What was that site doing with my Facebook password?" Designing Password-Reuse Notifications
Password reuse is widespread, so a breach of one provider's password database threatens
accounts on other providers. When companies find stolen credentials on the black market …
accounts on other providers. When companies find stolen credentials on the black market …
O single {Sign-Off}, where art thou? An empirical analysis of single {Sign-On} account hijacking and session management on the web
M Ghasemisharif, A Ramesh, S Checkoway… - 27th USENIX Security …, 2018 - usenix.org
Single Sign-On (SSO) allows users to effortlessly navigate the Web and obtain a
personalized experience without the hassle of creating and managing accounts across …
personalized experience without the hassle of creating and managing accounts across …
An investigation into users' considerations towards using password managers
Password managers, though commonly recommended by security experts, are still not used
by many users. Understanding why some choose to use password managers while others …
by many users. Understanding why some choose to use password managers while others …
Password Portfolios and the {Finite-Effort} User: Sustainably Managing Large Numbers of Accounts
We explore how to manage a portfolio of passwords. We review why mandating exclusively
strong passwords with no re-use gives users an impossible task as portfolio size grows. We …
strong passwords with no re-use gives users an impossible task as portfolio size grows. We …
The next domino to fall: Empirical analysis of user passwords across online services
Leaked passwords from data breaches can pose a serious threat if users reuse or slightly
modify the passwords for other services. With more services getting breached today, there is …
modify the passwords for other services. With more services getting breached today, there is …
A {Two-Decade} Retrospective Analysis of a University's Vulnerability to Attacks Exploiting Reused Passwords
Credential-guessing attacks often exploit passwords that were reused across a user's online
accounts. To learn how organizations can better protect users, we retrospectively analyzed …
accounts. To learn how organizations can better protect users, we retrospectively analyzed …