Brute-force and dictionary attack on hashed real-world passwords

Bošnjak, Leon; Sres, J.; Brumen, Boštjan

doi:10.23919/mipro.2018.8400211

Cited by 97 publications

(30 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The brute force attacks are a search and comparison process for all probabilities in a hope of guessing the intended password correctly. It is worth stating that two important concepts have to be considered in this type of attack, which is password space [23].…”

Section: Brute Force Attackmentioning

confidence: 99%

Passnumbers: An Approach of Graphical Password Authentication Based on Grid Selection

Jirjees¹,

Mahmood²,

Nasser³

2022

IJSSE

View full text Add to dashboard Cite

The authentication textual passwords are the most widely used technique. However, this type of legacy authentication is vulnerable to various attacks, such as shoulder-surfing attacks. Hence, graphical password authentication is one of these approaches which has been suggested to overcome the issues related to textual passwords. Nevertheless, the hackers have also developed new techniques that can be finally broken the graphical password, for instance, listening to the transmitted information between the client and the server. In this paper, Passnumbers graphical authentication password is proposed. Passnumbers approach involves two new stages, which are first, using the coordinates of a graphical grid cells-based numbers for entering the password. The second stage is represented by deploying a new technique to encrypt the password based on the image pixels. The performance evaluation reveals that the proposed Passnumbers can provide high resistance against several graphical password attacks including shoulder surfing and eavesdropping attacks. Passnumbers is evaluated using several metrics including security and usability.

show abstract

Section: Brute Force Attackmentioning

confidence: 99%

Passnumbers: An Approach of Graphical Password Authentication Based on Grid Selection

Jirjees¹,

Mahmood²,

Nasser³

2022

IJSSE

View full text Add to dashboard Cite

show abstract

“…A dictionary attack prioritizes attack speed, although this leads to a smaller spectrum of possibilities, while a brute force attack covers many more possibilities by considerably reducing speed. A dictionary attack uses a set of common words to be tested, while brute force tests all possible character combinations to form character strings [19]. It is possible to use both techniques according to the information available about the passwords, such as a particular pattern that can be replicated.…”

Section: Password Securitymentioning

confidence: 99%

Password Guessability as a Service (PGaaS)

et al. 2022

View full text Add to dashboard Cite

This paper presents an adaptable password guessability service suited for different password generators according to what a user might need when using such a service. In particular, we introduce a flexible cloud-based software architecture engineered to provide an efficient and robust password guessability service that benefits from all the features and goals expected from cloud applications. This architecture comprises several components, featuring the combination of a synthetic dataset generator realized via a generative adversarial network (GAN), which may learn the distribution of passwords from a given dictionary and generate high-quality password guesses, along with a password guessability estimator realized via a password strength estimation algorithm. In addition to detailing the architecture’s components, we run a performance evaluation on the architecture’s key components, obtaining promising results. Finally, the complete application is delivered and may be used by a user to estimate the strength of a password and the time taken by an average computer to enumerate it.

show abstract

“…There are many ways available by which hackers can break into an account, either by guessing or cracking passwords. Attacks like Dictionary Attack [6], Brute Force Attack [7][8] can help break into an account with a weak password. Dictionary Attack involves automating a script that can try all the words of a dictionary or a word list provided.…”

Section: Introductionmentioning

confidence: 99%

Exploratory Data Analysis on Username-Password Dataset

Jain¹,

Swami²,

Bansal³

2021

FPA

View full text Add to dashboard Cite

Passwords act as a first line of defense against any malicious or unauthorized access to one's personal information. With the increasing digitization, it has now become even more important to choose strong passwords. In this paper, the authors analyze a 100 million Email-Password Database to perform Exploratory Data Analysis. The analysis provides valuable insights on statistics about the most common passwords being used, character set of passwords, most common domains, average length, password strength, frequencies of letters, numbers, symbols (special characters), most common letter, most common number, most common symbol, the ratio of letters, numbers, symbols in passwords which highlights the general trend that users follow while creating passwords. Using the results of this paper, users can make intelligent decisions while creating passwords for themselves, i.e., not opting for the most common features that will help them create robust and less vulnerable passwords.

show abstract

Brute-force and dictionary attack on hashed real-world passwords

Cited by 97 publications

References 8 publications

Passnumbers: An Approach of Graphical Password Authentication Based on Grid Selection

Passnumbers: An Approach of Graphical Password Authentication Based on Grid Selection

Password Guessability as a Service (PGaaS)

Exploratory Data Analysis on Username-Password Dataset

Contact Info

Product

Resources

About