Modeling Password Guessing with Neural Networks

نویسندگان

  • Leo de Castro
  • Hunter Lang
  • Stephanie Liu
  • Cristina Mata
چکیده

Passwords still dominate the authentication space, but they are vulnerable to many different attacks; in recent years, guessing attacks in particular have notably caused a few high-profile information leaks. Password strength checkers, which attempt to guard against guessing attacks by enforcing heuristics like length and character variety, only model resistance to these brute-force attacks by proxy. In this paper, we reproduce the work of Melicher et. al [1], designing a strength checker that directly bases its ratings on resistance to guessing attacks. We provide a qualitative comparison of the ratings output by this system to those of a popular heuristic one, zxcvbn.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks

Human-chosen text passwords, today’s dominant form of authentication, are vulnerable to guessing attacks. Unfortunately, existing approaches for evaluating password strength by modeling adversarial password guessing are either inaccurate or orders of magnitude too large and too slow for real-time, client-side password checking. We propose using artificial neural networks to model text passwords...

متن کامل

Better passwords through science (and neural networks)∗

We discuss how we use neural networks to accurately measure password strength, and how we use this capability to build effective password meters. First, we show how neural networks can be used to guess passwords and how we leveraged this method to build a password guesser to better model guessing attacks. We report our measurements of the effectiveness of neural networks at guessing passwords, ...

متن کامل

Poster: An Analysis of Targeted Password Guessing Using Neural Networks

Text-based passwords, dominant mechanism of authentication nowadays, are vulnerable to malicious attackers. Even though not recommended, users tend to use personal information (PI) when create passwords. Only a few studies have researched targeted password guessing, in which attackers guess passwords by utilizing users’ PI. We propose TPGXNN, a framework that uses neural networks (NN) in target...

متن کامل

A New Improved Secure Password Authentication Protocol to Resist Guessing Attack in Wireless Networks

Wireless communication is widely used today. It transmits information through an open network such that it always suffers by a variety of attacks. In 2006, Yoon et al. proposed a secure password authentication protocol for wireless networks to fix the drawback of Ma et al.’s protocol. In this article, we will show that the Yoon et al.’s protocol is vulnerable to both off-line password guessing ...

متن کامل

Cryptanalysis on Efficient Two-factor User Authentication Scheme with Unlinkability for Wireless Sensor Networks

To provide secure authentication for wireless sensor networks (WSNs), recently Jiang et al. proposed an efficient two-factor user authentication scheme with unlinkability. They argued that the scheme provides resilience of privileged insider attack, stolen-verifier attack, password guessing attack, weak stolen smart card attack, replay attack, forgery attack, identity guessing attack and tracki...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2017