Open AccessJournal Article
Foiling the cracker: A survey of, and improvements to, password security
TLDR
Some of the problems of current password security are outlined by demonstrating the ease by which individual accounts may be broken, and one solution to this point of system vulnerability, a proactive password checker is proposed.Abstract:
With the rapid burgeoning of national and international networks, the question of system security has become one of growing importance. High speed inter-machine communication and even higher speed computational processors have made the threats of system {open_quotes}crackers,{close_quotes} data theft, and data corruption very real. This paper outlines some of the problems of current password security by demonstrating the ease by which individual accounts may be broken. Various techniques used by crackers are outlined, and finally one solution to this point of system vulnerability, a proactive password checker, is proposed. 11 refs., 2 tabs.read more
Citations
More filters
Book
Handbook of Applied Cryptography
TL;DR: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols.
Book
Security Engineering: A Guide to Building Dependable Distributed Systems
TL;DR: In almost 600 pages of riveting detail, Ross Anderson warns us not to be seduced by the latest defensive technologies, never to underestimate human ingenuity, and always use common sense in defending valuables.
Proceedings ArticleDOI
Encrypted key exchange: password-based protocols secure against dictionary attacks
TL;DR: A combination of asymmetric (public-key) and symmetric (secret- key) cryptography that allow two parties sharing a common password to exchange confidential and authenticated information over an insecure network is introduced.
Journal ArticleDOI
Hide and seek: an introduction to steganography
Niels Provos,Peter Honeyman +1 more
TL;DR: This article discusses existing steganographic systems and presents recent research in detecting them via statistical steganalysis and discusses the practical application of detection algorithms and the mechanisms for getting around them.
Proceedings ArticleDOI
A large-scale study of web password habits
Dinei Florencio,Cormac Herley +1 more
TL;DR: The study involved half a million users over athree month period and gets extremely detailed data on password strength, the types and lengths of passwords chosen, and how they vary by site.
References
More filters
Journal ArticleDOI
Password security: a case history
Robert Morris,Ken Thompson +1 more
TL;DR: The present design of the password security scheme was the result of countering observed attempts to penetrate the system and is a compromise between extreme security and ease of use.
Journal ArticleDOI
The internet worm program: an analysis
TL;DR: The paper contains a review of the security flaws exploited by the worm program, and gives some recommendations on how to eliminate or mitigate their future use.
Book ChapterDOI
UNIX Password Security - Ten Years Later
TL;DR: It is concluded that the single most important step that can be taken to improve password security is to increase password entropy.
Journal ArticleDOI
The UNIX system UNIX operating system security
F. T. Grampp,R. H. Morris +1 more
TL;DR: Some of the security hazards of the UNIX™ operating system are discussed, and ways to protect against them are suggested, in the hope that an educated community of users will lead to a level of protection that is stronger, but far more importantly, that represents a reasonable and thoughtful balance between security and ease of use of the system.
Journal ArticleDOI
Passwords in use in a university timesharing environment
TL;DR: One part of the worm program attempted to break user passwords using a mini-dictionary of 432 words it contained, which raised several important questions: Where did the list come from?