System and methods for analyzing and modifying passwords
作者: Sudhir Aggarwal , Shiva Houshmand Yazdi , Charles Matt Weir
DOI:
关键词:
摘要: A system for analyzing and modifying passwords in a manner that provides user with strong usable/memorable password. The would propose password has relevance can be remembered. invention evaluate the to ascertain its strength. evaluation is based on probabilistic cracking trained sets of revealed generate guesses highest probability order. If user's proposed enough, accepted. not will reject it. rejected, modifies suggests one or more stronger passwords. modified have limited modifications Thus, tested memorable
lens.org 参考文章(39)
John Campbell, Wanli Ma, Dale Kleeman, Impact of restrictive composition policy on user password choices Behaviour & Information Technology. ,vol. 30, pp. 379- 388 ,(2011) , 10.1080/0144929X.2010.492876
Jianxin Jeff Yan, A note on proactive password checking new security paradigms workshop. pp. 127- 135 ,(2001) , 10.1145/508171.508194
Udi Manber, Refereed paper: A simple scheme to make passwords based on one-way functions much harder to crack Computers & Security. ,vol. 15, pp. 171- 176 ,(1996) , 10.1016/0167-4048(96)00003-X
Fred J. Damerau, A technique for computer detection and correction of spelling errors Communications of the ACM. ,vol. 7, pp. 171- 176 ,(1964) , 10.1145/363958.363994
C. E. Shannon, Prediction and Entropy of Printed English Bell System Technical Journal. ,vol. 30, pp. 50- 64 ,(1951) , 10.1002/J.1538-7305.1951.TB01366.X
Yinqian Zhang, Fabian Monrose, Michael K. Reiter, The security of modern password expiration Proceedings of the 17th ACM conference on Computer and communications security - CCS '10. pp. 176- 186 ,(2010) , 10.1145/1866307.1866328
Matt Weir, Sudhir Aggarwal, Michael Collins, Henry Stern, Testing metrics for password creation policies by attacking large sets of revealed passwords Proceedings of the 17th ACM conference on Computer and communications security - CCS '10. pp. 162- 175 ,(2010) , 10.1145/1866307.1866327
Barbara S. Chaparro, Shannon Riley, Password Security: What Users Know and What They Actually Do ,(2006)
Richard Kemmerer, Christopher Kruegel, Giovanni Vigna, Brett Stone-Gross, Marco Cova, Lorenzo Cavallaro, Bob Gilbert, Martin Szydlowski, Your botnet is my botnet: analysis of a botnet takeover computer and communications security. pp. 635- 647 ,(2009) , 10.1145/1653662.1653738
Alain Forget, Sonia Chiasson, P. C. van Oorschot, Robert Biddle, Improving text passwords through persuasion Proceedings of the 4th symposium on Usable privacy and security - SOUPS '08. pp. 1- 12 ,(2008) , 10.1145/1408664.1408666