Name
Title | ||
|---|---|---|
How viable is password cracking in digital forensic investigation? Analyzing the guessability of over 3.9 billion real-world accounts |
Abstract | ||
|---|---|---|
Passwords have been and still remain the most common method of authentication in computer systems. These systems are therefore privileged targets of attackers, and the number of data breaches in the last few years attests to that. A detailed analysis of such data can provide insight on password trends and patterns users follow when they create a password. To this end, this paper presents the largest and most comprehensive analysis of real-world passwords to date – associated with over 3.9 billion accounts from Have I Been Pwned. This analysis includes statistics on use and most common patterns found in passwords and innovates with a breakdown of the constituent fragments that make each password. Furthermore, a classification of these fragments according to their semantic meaning, provides insight on the role of context in password selection. Finally, we provide an in-depth analysis on the guessability of these real-world passwords. |
Year | DOI | Venue |
|---|---|---|
2021 | 10.1016/j.fsidi.2021.301186 | Forensic Science International: Digital Investigation |
Keywords | DocType | Volume |
Password security,Password-based authentication,Context-based password cracking,Password strength meters | Journal | 37 |
ISSN | Citations | PageRank |
2666-2817 | 0 | 0.34 |
References | Authors | |
4 | 4 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Aikaterini Kanta | 1 | 0 | 1.01 |
| Sein Coray | 2 | 0 | 0.34 |
| Iwen Coisel | 3 | 0 | 0.34 |
| Mark Scanlon | 4 | 0 | 0.34 |