all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

The Impact of Exposed Passwords on Honeyword Efficacy. (arXiv:2309.10323v1 [cs.CR])

Add to bookmarks
Sept. 20, 2023, 1:10 a.m. | Zonghao Huang, Lujo Bauer, Michael K. Reiter

cs.CR updates on arXiv.org arxiv.org

Honeywords are decoy passwords that can be added to a credential database; if
a login attempt uses a honeyword, this indicates that the site's credential
database has been leaked. In this paper we explore the basic requirements for
honeywords to be effective, in a threat model where the attacker knows
passwords for the same users at other sites. First, we show that for
user-chosen (vs. algorithmically generated, i.e., by a password manager)
passwords, existing honeyword-generation algorithms largely fail to achieve …

attacker basic credential database decoy exposed impact leaked login passwords requirements threat threat model

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Differentially private Bayesian tests 23 hours ago | arxiv.org
arxiv confidential cornerstone cs.cr +16
On the Learnability of Watermarks for Language Models 23 hours ago | arxiv.org
arxiv ask can cs.cl +12
Intriguing Properties of Diffusion Models: An Empirical Study of the Natural Attack Capability in Text-to-Image … 23 hours ago | arxiv.org
applications arxiv attack cs.cr +14
On the Reliability of Watermarks for Large Language Models 23 hours ago | arxiv.org
arxiv bots cs.cl cs.cr +23
A Watermark for Large Language Models 23 hours ago | arxiv.org
arxiv can cs.cl cs.cr +13
Asymmetric Distributed Trust 23 hours ago | arxiv.org
abstraction algorithms arxiv can +12
Read Disturbance in High Bandwidth Memory: A Detailed Experimental Study on HBM2 DRAM Chips 23 hours ago | arxiv.org
arxiv bandwidth chips cs.ar +5
ABACuS: All-Bank Activation Counters for Scalable and Low Overhead RowHammer Mitigation 23 hours ago | arxiv.org
access address area arxiv +17
A Case Study of Large Language Models (ChatGPT and CodeBERT) for Security-Oriented Code Analysis 23 hours ago | arxiv.org
analysis arxiv can capabilities +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Engineer - Detection and Response

@ Fastly, Inc. | US (Remote)
View on infosec-jobs.com

Application Security Engineer

@ Solidigm | Zapopan, Mexico
View on infosec-jobs.com

Defensive Cyber Operations Engineer-Mid

@ ISYS Technologies | Aurora, CO, United States
View on infosec-jobs.com

Manager, Information Security GRC

@ OneTrust | Atlanta, Georgia
View on infosec-jobs.com

Senior Information Security Analyst | IAM

@ EBANX | Curitiba or São Paulo
View on infosec-jobs.com

Senior Information Security Engineer, Cloud Vulnerability Research

@ Google | New York City, USA; New York, USA
View on infosec-jobs.com
View more jobs