Visible to the public Personalized Password Guessing: A New Security Threat

TitlePersonalized Password Guessing: A New Security Threat
Publication TypeConference Paper
Year of Publication2014
AuthorsCao, Phuong, Li, Hongyang, Nahrstedt, Klara, Kalbarczyk, Zbigniew, Iyer, Ravishankar, Slagell, Adam J.
Conference NameProceedings of the 2014 Symposium and Bootcamp on the Science of Security
Conference LocationRaleigh, NC, USA
ISBN Number978-1-4503-2907-1
KeywordsACM CCS, cyber security, Data Driven Security Models and Analysis, Foundations, graphical model, guessing, Human and Societal Aspects of Security and Privacy, Modeling, password, personalized, science of security, suggestion

This paper presents a model for generating personalized passwords (i.e., passwords based on user and service profile). A user's password is generated from a list of personalized words, each word is drawn from a topic relating to a user and the service in use. The proposed model can be applied to: (i) assess the strength of a password (i.e., determine how many guesses are used to crack the password), and (ii) generate secure (i.e., contains digits, special characters, or capitalized characters) yet easy to memorize passwords.

Citation KeyCao:2014:PPG:2600176.2600198