Abstract

Password meters and policies are currently the only tools helping users to create stronger passwords. However, such tools often do not provide consistent or useful feedback to users, and their suggestions may decrease memorability of resulting passwords. Passwords that are difficult to remember promote bad practices, such as writing them down or password reuse, thus stronger passwords do not necessarily improve authentication security. In this work, we propose GuidedPass – a system that suggests real-time password modifications to users, which preserve the password’s semantic structure, while increasing password strength. Our suggestions are based on structural and semantic patterns mined from successfully recalled and strong passwords in several IRB-approved user studies [30]. We compare our approach to password creation with creation under NIST [12] policy, Ur et al. [26] guidance, and …

Metadata

publication

Research in Attacks, Intrusions, and Defenses: 21st International Symposium …, 2018

year

2018

publication date

2018

authors

Simon S Woo, Jelena Mirkovic

link

https://link.springer.com/chapter/10.1007/978-3-030-00470-5_12

resource_link

https://www.isi.edu/people-mirkovic/wp-content/uploads/sites/52/2023/10/guidedpass.pdf

conference

Research in Attacks, Intrusions, and Defenses: 21st International Symposium, RAID 2018, Heraklion, Crete, Greece, September 10-12, 2018, Proceedings 21

pages

250-270

publisher

Springer International Publishing