Stealing attack against controlled information, along with the increasing number of
information leakage incidents, has become an emerging cyber security threat in recent …

Abstract Introduction: The increasingly integrated Industrial IoT (IIoT) with industrial systems
brings benefits such as intelligent analytics, predictive maintenance, and remote monitoring …

As the most prevailing two-factor authentication mechanism, smart-card-based password
authentication has been a subject of intensive research in the past two decades, and …

State-of-the-art password guessing tools, such as HashCat and John the Ripper, enable
users to check billions of passwords per second against password hashes. In addition to …

Despite three decades of intensive research efforts, it remains an open question as to what
is the underlying distribution of user-generated passwords. In this paper, we make a …

Human-chosen text passwords, today's dominant form of authentication, are vulnerable to
guessing attacks. Unfortunately, existing approaches for evaluating password strength by …

zxcvbn: Low-Budget Password Strength Estimation Page 1 This paper is included in the
Proceedings of the 25th USENIX Security Symposium August 10–12, 2016 • Austin, TX …

In this study, we examine how to motivate computer users to protect themselves from
potential security and privacy threats. We draw on the Information Processing framework …

Although many users create predictable passwords, the extent to which users realize these
passwords are predictable is not well understood. We investigate the relationship between …

Parameterized password guessability—how many guesses a particular cracking algorithm
with particular training data would take to guess a password—has become a common metric …