Much attention has been paid to passwords chosen by English speaking users, yet only a
few studies have examined how non-English speaking users select passwords. In this …

Password guessing attacks, prevalent issues in the real world, can be conceptualized as
efforts to approximate the probability distribution of text tokens. Techniques in the natural …

Physical unclonable functions (PUFs) based on unique tokens generated by random
manufacturing processes have been proposed as an alternative to mathematical one-way …

Textual password security hinges on the guessing models adopted by attackers, in which a
suitable password composition representation is an influential factor. Unfortunately, the …

Honeywords are decoy passwords associated with each user account to timely detect
password leakage. The key issue lies in how to generate honeywords that are hard to be …

Large language models (LLMs) successfully model natural language from vast amounts of
text without the need for explicit supervision. In this paper, we investigate the efficacy of …

Credential-guessing attacks often exploit passwords that were reused across a user's online
accounts. To learn how organizations can better protect users, we retrospectively analyzed …

Password security hinges on an in-depth understanding of the techniques adopted by
attackers. Unfortunately, real-world adversaries resort to pragmatic guessing strategies such …

Honeyword (or decoy password) based authentication, first introduced by Juels and Rivest
in 2013, has emerged as a security mechanism that can provide security against server-side …

Password guessing is a primary method for password strength evaluation. Despite various
password guessing models have been proposed, there is still a significant gap between …