Verified Password Generation from Password Composition Policies

Grilo, Miguel L.; Campos, Jorge; Ferreira, João F.; Almeida, José Bacelar; Mendes, Ana Cristina

doi:10.1007/978-3-031-07727-2_15

Cited by 3 publications

(4 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Also, high entropy can be gained by including mnemonic aids for ALPHANUM, removing obscure words from the DICEWARE word list, and combining upper case letters and punctuations to the PRONOUNCE3 schemes (Smith, 2020). Grilo, Ferreira & Almeida (2021) studied 15 password managers to understand commonly used generation algorithms, and Google, Bitwarden, and KeePass algorithms were critically reviewed since they are open-source and widely used in the industry. They defined that generated passwords must satisfy the password composition policies including password character length and different character classes to avoid passwords being easily guessed or reused.…”

Section: Literature Reviewmentioning

confidence: 99%

“…The main advantage of this is that users only have to remember a single password and the tool memorizes all other sensitive data for themselves (Rahalkar & Gujar, 2019). Grilo, Ferreira & Almeida (2021) stated that security experts are strongly recommending password managers for password creation and storage which also frees the users from the cognitive burden of password management. Gupta et al (2020b) Guo et al (2019) presented that password managers can mainly be divided Fernando, Dissanayake, Dushmantha, Liyanage, and Karunatilake, 2023. into two kinds.…”

Section: Password Alternativesmentioning

confidence: 99%

“…This feature gives high availability for users to access login credentials and other sensitive data anywhere anytime platform independently (Anand, Susila & Balakrishnan, 2018;Gupta et al, 2022). Chaudhary et al (2019) and (Grilo, Ferreira & Almeida, 2021) counter-argued that online managers come with the possibility of security breaches and mistrust of the service provider since confidentiality arrangements might not be true at all times. Luevanos et al (2017) reported that two major online password managers in the market, LastPass and Roboform have been identified for storing credentials and sensitive data in plain text on the cloud servers and offering suggestions for the other third-party vendors on product and data security.…”

Section: Use Of Password Managersmentioning

confidence: 99%

See 2 more Smart Citations

Challenges and Opportunities in Password Management: A Review of Current Solutions

Fernando,

Dissanayake,

Dushmantha

et al. 2023

SL J. Soc. Sci. Hum.

View full text Add to dashboard Cite

For over six decades, passwords have served as the primary authentication mechanism for almost all modern computer systems. However, password management is a challenging task for most computer users, and that has led users to many malpractices that open the door for most information security breaches over time. Despite many efforts, no alternative solution has ever succeeded in replacing passwords as the primary authentication mechanism. As a result, users are now heavily relying on password managers to alleviate the burden of manual password management. This paper addresses the topic of password management about different types of password managers and their inherent limitations. By evaluating the existing password management approaches and identifying potential improvements, this paper aims to signify an important research gap that exists in the study area; the need for fully automating the process of manual password management.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Section: Password Alternativesmentioning

confidence: 99%

Section: Use Of Password Managersmentioning

confidence: 99%

See 1 more Smart Citation

Challenges and Opportunities in Password Management: A Review of Current Solutions

Fernando,

Dissanayake,

Dushmantha

et al. 2023

SL J. Soc. Sci. Hum.

View full text Add to dashboard Cite

show abstract

“…Some studies have focused on one security procedure, such as resetting passwords [9][10][11]. Other studies have focused on only one part of a security procedure, such as password policies [12][13][14][15][16][17] or password meters [18][19][20][21][22]. Some research has focused on specific authentication methods, such as passwords [23][24][25], biometrics [26][27][28][29], or two-factor authentication [30][31][32][33][34][35].…”

Section: Introductionmentioning

confidence: 99%

Reviewing the Usability of Web Authentication Procedures: Comparing the Current Procedures of 20 Websites

Albesher

2023

Sustainability

View full text Add to dashboard Cite

A sustainable online environment is essential to protecting businesses from abuse and data breaches. To protect sustainability, websites’ authentication procedures should continuously keep up with new technologies and the ways in which these technologies are used. Thus, a continuous assessment of these authentication procedures is required to ensure their usability. This research aimed to compare the status of the sign-up, sign-in, and password recovery processes on 20 websites. The researcher checked every website in a separate session and used the “think-aloud” technique while recording the screen to ensure accurate data analysis. Specific items were checked during every session to detect the similarities and differences between the tested websites in their authentication processes. The results led to valuable discussions and recommendations for improving authentication procedures. Some of these recommendations include best practices for better design of password rules, determining when two-factor authentication should be compulsory, and understanding how to improve password reset processes and keep accounts secure.

show abstract

Studying Users’ Willingness to Use a Formally Verified Password Manager

Carreira

2022

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Verified Password Generation from Password Composition Policies

Cited by 3 publications

References 18 publications

Challenges and Opportunities in Password Management: A Review of Current Solutions

Challenges and Opportunities in Password Management: A Review of Current Solutions

Reviewing the Usability of Web Authentication Procedures: Comparing the Current Procedures of 20 Websites

Studying Users’ Willingness to Use a Formally Verified Password Manager

Contact Info

Product

Resources

About