Name
Abstract | ||
|---|---|---|
An information system is only as secure as its weakest point. In many information systems that remains to be the human factor, despite continuous attempts to educate the users about the importance of password security and enforcing password creation policies on them. Furthermore, not only do the average users' password creation and management habits remain more or less the same, but the password cracking tools, and more importantly, the computer hardware, keep improving as well. In this study, we performed a broad targeted attack combining several well-established cracking techniques, such as brute-force, dictionary, and hybrid attacks, on the passwords used by the students of a Slovenian university to access the online grading system. Our goal was to demonstrate how easy it is to crack most of the user-created passwords using simple and predictable patterns. To identify differences between them, we performed an analysis of the cracked and uncracked passwords and measured their strength. The results have shown that even a single low to mid-range modern GPU can crack over 95% of passwords in just few days, while a more dedicated system can crack all but the strongest 0.5% of them. |
Year | DOI | Venue |
|---|---|---|
2018 | 10.23919/MIPRO.2018.8400211 | 2018 41ST INTERNATIONAL CONVENTION ON INFORMATION AND COMMUNICATION TECHNOLOGY, ELECTRONICS AND MICROELECTRONICS (MIPRO) |
Keywords | Field | DocType |
password cracking, password security, brute force attack, dictionary attack, hashed passwords | Dictionary attack,Information system,Password cracking,Password strength,Computer security,Computer science,Computer network,Brute force,Password | Conference |
Citations | PageRank | References |
0 | 0.34 | 0 |
Authors | ||
3 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Leon Bosnjak | 1 | 1 | 2.06 |
| J. Sres | 2 | 0 | 0.34 |
| Bostjan Brumen | 3 | 260 | 25.48 |