- Tytuł:
- Detecting Password File Theft using Predefined Time-Delays between Certain Password Characters
- Autorzy:
-
Mahmoud, K. W.
Mansour, K.
Makableh, A. - Powiązania:
- https://bibliotekanauki.pl/articles/308289.pdf
- Data publikacji:
- 2017
- Wydawca:
- Instytut Łączności - Państwowy Instytut Badawczy
- Tematy:
-
access control
intrusion detection systems (IDS)
network security
password protection - Opis:
- This paper presents novel mechanisms that effectively detect password file thefts and at the same time prevent uncovering passwords. The proposed mechanism uses delay between consecutive keystrokes of the password characters. In presented case, a user should not only enter his password correctly during the sign-up process, but also needs to introduce relatively large time gaps between certain password characters. The proposed novel approaches disguise stored passwords by adding a suffix value that helps in detecting password file theft at the first sign-in attempt by an adversary who steals and cracks the hashed password file. Any attempt to login using a real password without adding the time delays in the correct positions may considered as an impersonation attack, i.e. the password file has been stolen and cracked.
- Źródło:
-
Journal of Telecommunications and Information Technology; 2017, 4; 101-108
1509-4553
1899-8852 - Pojawia się w:
- Journal of Telecommunications and Information Technology
- Dostawca treści:
- Biblioteka Nauki
Artykuł