Passtrans

An Improved Password Reuse Model Based on Transformer

Conference paper (2022)

Authors

Xiaoxi He Peking University

Haibo Cheng Peking University

Jiahong Xie Peking University

Ping Wang Peking University

K. Liang

DOI: https://doi.org/10.1109/ICASSP43922.2022.9746731

Similarity Credential tweaking attack Password model Password reuse

To reference this document use:

http://resolver.tudelft.nl/uuid:e5432579-616c-47b7-be8d-3fa4abdc70fc

More Info

expand_more

Published Date

2022

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

Passwords have been widely used in online authentication, and they form the front line that protects our data security and privacy. But the security of password may be easily harmed by insecure password generator. Massive reports state that users are always keen to generate new passwords by reusing or fine-tuning old secrets. Once an old password is leaked, the users may suffer from credential tweaking attacks. We propose a password reuse model PassTrans and simulate credential tweaking attacks. We evaluate the performance in leaked password datasets, and the results show that 67.51% of accounts is breakable under 1,000 guesses, indicating our model is accurate in capturing password reuse behavior.

Files

Passtrans_An_Improved_Password... (pdf)

(pdf | 2.05 Mb)

- Embargo expired in 01-07-2023