research-article

Personalized password guessing: a new security threat

Authors:
Phuong Cao

University of Illinois at Urbana-Champaign

University of Illinois at Urbana-Champaign
View Profile

,
Hongyang Li

University of Illinois at Urbana-Champaign

University of Illinois at Urbana-Champaign
View Profile

,
Klara Nahrstedt

University of Illinois at Urbana-Champaign

University of Illinois at Urbana-Champaign
View Profile

,
Zbigniew Kalbarczyk

University of Illinois at Urbana-Champaign

University of Illinois at Urbana-Champaign
View Profile

,
Ravishankar Iyer

University of Illinois at Urbana-Champaign

University of Illinois at Urbana-Champaign
View Profile

,
Adam J. Slagell

University of Illinois at Urbana-Champaign

University of Illinois at Urbana-Champaign
View Profile

HotSoS '14: Proceedings of the 2014 Symposium and Bootcamp on the Science of SecurityApril 2014Article No.: 22Pages 1–2https://doi.org/10.1145/2600176.2600198

Published:08 April 2014Publication History

HotSoS '14: Proceedings of the 2014 Symposium and Bootcamp on the Science of Security

Pages 1–2

ABSTRACT

This paper presents a model for generating personalized passwords (i.e., passwords based on user and service profile). A user's password is generated from a list of personalized words, each word is drawn from a topic relating to a user and the service in use. The proposed model can be applied to: (i) assess the strength of a password (i.e., determine how many guesses are used to crack the password), and (ii) generate secure (i.e., contains digits, special characters, or capitalized characters) yet easy to memorize passwords.

References

Das, A., Bonneau, J., Caesar, M., Borisov, N., and Wang, X. The Tangled Web of Password Reuse. In NDSS (2014).Google Scholar
Koller, D., and Friedman, N. Probabilistic graphical models: principles and techniques. MIT press, 2009. Google ScholarDigital Library
Yan, J. J., Blackwell, A. F., Anderson, R. J., and Grant, A. Password memorability and security: Empirical results. IEEE Security & privacy 2, 5 (2004), 25--31. Google ScholarDigital Library

Index Terms

Personalized password guessing: a new security threat
1. Security and privacy
  1. Systems security
    1. Operating systems security

Recommendations

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
HotSoS '14: Proceedings of the 2014 Symposium and Bootcamp on the Science of Security
April 2014
184 pages
ISBN:9781450329071
DOI:10.1145/2600176
General Chair:
Laurie A. Williams
North Carolina State University
,
Program Chairs:
David M. Nicol
University of Illinois, Urbana-Champaign
,
Munindar P. Singh
North Carolina State University
Copyright © 2014 Owner/Author
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 8 April 2014
Check for updates
Author Tags
graphical model
guessing
password
personalized
suggestion
Qualifiers
- research-article
Conference

Acceptance Rates
HotSoS '14 Paper Acceptance Rate12of21submissions,57%Overall Acceptance Rate34of60submissions,57%
More
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 3
  Total Citations
  View Citations
- 243
  Total Downloads
- Downloads (Last 12 months)18
- Downloads (Last 6 weeks)7
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Personalized password guessing: a new security threat

HotSoS '14: Proceedings of the 2014 Symposium and Bootcamp on the Science of Security

ABSTRACT

References

Cited By

Index Terms

Recommendations

Pocket Password Book (Password): A discreet internet password organizer

Password Book: Password Journal / Password Organizer / Password Keeper / Internet Usernames and Passwords / Internet Password Logbook A Passkey Log ... seamless pattern collection) (Volume 48)

Password Keeper: 5x8 Internet Password Organizer - 110 Pages 300 Password Records - Discreet Password Book - Vol.1 Password Keeper