Randomised attacks on passwords
نویسندگان
چکیده
A brief survey of authentication methods in password-protected systems is first provided. Subsequently, features of a freely available software for cracking passwords is then discussed. A randomised procedure for attacking passwords, based on a tilted version of the password distribution, is then proposed. This tilt is a mechanism suggested by large deviations theory. After showing the asymptotic optimality of the proposed randomised scheme, an algorithm for generating these randomised attacks, based on the Metropolis algorithm, is then finally described.
منابع مشابه
A Survey of Password Attacks and Comparative Analysis on Methods for Secure Authentication
Passwords play an important role in daily life in various computing applications like ATM machines, internet services, windows login, authentication in mobiles etc. The major aim for using passwords is to restrict unauthorized users to access the system. Passwords are necessary but, still they are not considered much safe to provide the security to the users because of many flaws in the convent...
متن کاملBad Sounds Good Sounds: Attacking and Defending Tap-Based Rhythmic Passwords Using Acoustic Signals
Tapping-based rhythmic passwords have recently been proposed for the purpose of user authentication and device pairing. They offer a usability advantage over traditional passwords in that memorizing and recalling rhythms is believed to be an easier task for human users. Such passwords might also be harder to guess, thus possibly providing higher security. Given these potentially unique advantag...
متن کاملDo Strong Web Passwords Accomplish Anything?
We find that traditional password advice given to users is somewhat dated. Strong passwords do nothing to protect online users from password stealing attacks such as phishing and keylogging, and yet they place considerable burden on users. Passwords that are too weak of course invite brute-force attacks. However, we find that relatively weak passwords, about 20 bits or so, are sufficient to mak...
متن کاملA Text based Authentication Scheme for Improving Security of Textual Passwords
User authentication through textual passwords is very common in computer systems due to its ease of use. However textual passwords are vulnerable to different kinds of security attacks, such as spyware and dictionary attacks. In order to overcome the deficiencies of textual password scheme, many graphical password schemes have been proposed. The proposed schemes could not fully replace textual ...
متن کاملStrengthening Password-Based Authentication Protocols Against Online Dictionary Attacks
Passwords are one of the most common cause of system break-ins, because the low entropy of passwords makes systems vulnerable to brute force guessing attacks (dictionary attacks). Existing Strong Password Authentication and Key Agreement (SPAKA) protocols protect passwords from passive eavesdropping-offline dictionary attacks, but not from active online dictionary attacks. This paper presents a...
متن کامل