Passcrack: cracking, hashing, and strength testing for a secure digital future

[1] C. Florencio and C. Herley, “A large-scale study of web password habits,” in Proc. ACM SIGCHI Conf. Human Factors Comput. Syst., Seoul, South Korea, 2015, pp. 1–10. FlorencioC. HerleyC. “A large-scale study of web password habits,” in Proc. ACM SIGCHI Conf. Human Factors Comput. Syst. Seoul, South Korea 2015 1 10 Search in Google Scholar

[2] X. Liu, Y. Wang, and J. Zhang, “Improving password security through machine learning-based strength estimation,” IEEE Trans. Inf. Forensics Security, vol. 13, no. 4, pp. 865–879, Apr. 2018. LiuX. WangY. ZhangJ. “Improving password security through machine learning-based strength estimation,” IEEE Trans. Inf. Forensics Security 13 4 865 879 Apr. 2018 Search in Google Scholar

[3] S. Kwon, J. Kim, and H. Lee, “Analyzing password vulnerabilities: Cracking methods and defenses,” J. Cyber Security, vol. 15, no. 3, pp. 45–58, 2020. KwonS. KimJ. LeeH. “Analyzing password vulnerabilities: Cracking methods and defenses,” J. Cyber Security 15 3 45 58 2020 Search in Google Scholar

[4] B. Miller, R. Johnson, and A. Davis, “Comparative study of password cracking tools: Efficiency and security implications,” IEEE Trans. Cyber Security, vol. 9, no. 2, pp. 345–360, 2022. MillerB. JohnsonR. DavisA. “Comparative study of password cracking tools: Efficiency and security implications,” IEEE Trans. Cyber Security 9 2 345 360 2022 Search in Google Scholar

[5] M. Wu, T. S. Smith, and L. Chen, “Educational impact of password security awareness programs,” in Proc. IEEE Int. Conf. Cyber Security, New York, NY, USA, 2021, pp. 89–94. WuM. SmithT. S. ChenL. “Educational impact of password security awareness programs,” in Proc. IEEE Int. Conf. Cyber Security New York, NY, USA 2021 89 94 Search in Google Scholar

[6] J. Wang and X. Zhang, “Entropy-based password strength measurement: A new approach,” in Proc. Int. Conf. Adv. Comput. Security, San Francisco, CA, USA, 2020, pp. 120–126. WangJ. ZhangX. “Entropy-based password strength measurement: A new approach,” in Proc. Int. Conf. Adv. Comput. Security San Francisco, CA, USA 2020 120 126 Search in Google Scholar

[7] S. Das, K. Patel, and P. Reddy, “Effectiveness of rainbow table attacks against various hashing algorithms,” IEEE Access, vol. 8, pp. 234–245, 2020. DasS. PatelK. ReddyP. “Effectiveness of rainbow table attacks against various hashing algorithms,” IEEE Access 8 234 245 2020 Search in Google Scholar

[8] R. D. Smith and J. Chen, “Comparative study of password hashing algorithms: bcrypt, PBKDF2, and Argon2,” IEEE Trans. Inf. Syst. Security, vol. 19, no. 4, pp. 340–355, 2021. SmithR. D. ChenJ. “Comparative study of password hashing algorithms: bcrypt, PBKDF2, and Argon2,” IEEE Trans. Inf. Syst. Security 19 4 340 355 2021 Search in Google Scholar

[9] Y. Ruoti and A. Muir, “Security risks of password reuse: A large-scale empirical study,” IEEE Trans. Depend. Secure Comput., vol. 18, no. 1, pp. 10–22, 2021. RuotiY. MuirA. “Security risks of password reuse: A large-scale empirical study,” IEEE Trans. Depend. Secure Comput. 18 1 10 22 2021 Search in Google Scholar

[10] L. Toubiana, F. Miller, and K. Singh, “Human factors in password security: Behavioral influences,” in Proc. Int. Conf. Cyber Behav. Secur., London, U.K., 2017, pp. 140–152. ToubianaL. MillerF. SinghK. “Human factors in password security: Behavioral influences,” in Proc. Int. Conf. Cyber Behav. Secur. London, U.K. 2017 140 152 Search in Google Scholar

[11] R. Bonneau, C. Herley, and P. van Oorschot, “Password security: Alternative authentication mechanisms,” in Proc. IEEE Symp. Security Privacy, Washington, DC, USA, 2015, pp. 50–64. BonneauR. HerleyC. van OorschotP. “Password security: Alternative authentication mechanisms,” in Proc. IEEE Symp. Security Privacy Washington, DC, USA 2015 50 64 Search in Google Scholar

[12] M. Wang and Y. Zhang, “Phishing attacks and password compromises: A security analysis,” J. Inf. Security Res., vol. 22, no. 5, pp. 30–42, 2019. WangM. ZhangY. “Phishing attacks and password compromises: A security analysis,” J. Inf. Security Res. 22 5 30 42 2019 Search in Google Scholar

[13] H. Hadnagy, Social Engineering: The Science of Human Hacking, 2nd ed. Hoboken, NJ, USA: Wiley, 2018. HadnagyH. Social Engineering: The Science of Human Hacking 2nd ed. Hoboken, NJ, USA Wiley 2018 Search in Google Scholar

[14] A. Pashalidis and S. Furnell, “User compliance with password security policies,” Comput. Secur., vol. 65, pp. 120–134, 2016. PashalidisA. FurnellS. “User compliance with password security policies,” Comput. Secur. 65 120 134 2016 Search in Google Scholar

[15] M. H. Zetter, P. J. O'Neill, and R. D. Vance, “User psychology in password creation: Security vs. memorability,” Comput. Human Behav., vol. 110, pp. 345–362, 2019. ZetterM. H. O'NeillP. J. VanceR. D. “User psychology in password creation: Security vs. memorability,” Comput. Human Behav. 110 345 362 2019 Search in Google Scholar

[16] C. McCarty and K. Leach, “Multi-factor authentication adoption and usability challenges,” Comput. Secur., vol. 85, pp. 100–112, 2017. McCartyC. LeachK. “Multi-factor authentication adoption and usability challenges,” Comput. Secur. 85 100 112 2017 Search in Google Scholar

[17] S. P. Xu and L. Chen, “Passwordless authentication: A security perspective,” in Proc. IEEE Int. Conf. Cybersecurity Technol., 2021, pp. 250–260. XuS. P. ChenL. “Passwordless authentication: A security perspective,” in Proc. IEEE Int. Conf. Cybersecurity Technol. 2021 250 260 Search in Google Scholar

[18] X. Zhang, T. Lin, and P. Wei, “Deep learning-based password cracking: Effectiveness and countermeasures,” IEEE Trans. Neural Netw. Learn. Syst., vol. 34, no. 3, pp. 567–579, Mar. 2023. ZhangX. LinT. WeiP. “Deep learning-based password cracking: Effectiveness and countermeasures,” IEEE Trans. Neural Netw. Learn. Syst. 34 3 567 579 Mar. 2023 Search in Google Scholar

[19] R. S. Mahmood and H. Ali, “Integrating password policies with user compliance strategies,” IEEE Trans. Inf. Syst. Security, vol. 17, no. 6, pp. 210–224, 2019. MahmoodR. S. AliH. “Integrating password policies with user compliance strategies,” IEEE Trans. Inf. Syst. Security 17 6 210 224 2019 Search in Google Scholar

[20] D. Alshaikh and M. Casey, “Evaluating password strength metrics: A security analysis,” in Proc. IEEE Int. Conf. Cyber Security Appl., Tokyo, Japan, 2020, pp. 98–112. AlshaikhD. CaseyM. “Evaluating password strength metrics: A security analysis,” in Proc. IEEE Int. Conf. Cyber Security Appl. Tokyo, Japan 2020 98 112 Search in Google Scholar

[21] S. Jain and R. Gupta, “Deep learning-based password security enhancements,” in Proc. IEEE Int. Conf. Artificial Intelligence Security, Berlin, Germany, 2018, pp. 215–224. JainS. GuptaR. “Deep learning-based password security enhancements,” in Proc. IEEE Int. Conf. Artificial Intelligence Security Berlin, Germany 2018 215 224 Search in Google Scholar

[22] R. Shapiro and S. Levit, “Mobile application security and password management,” IEEE Trans. Mobile Comput., vol. 15, no. 5, pp. 780–795, 2020. ShapiroR. LevitS. “Mobile application security and password management,” IEEE Trans. Mobile Comput. 15 5 780 795 2020 Search in Google Scholar

[23] P. J. O'Neill and M. Casey, “Password entropy and its implications for security policies,” in Proc. IEEE Symp. Information Theory Security, Paris, France, 2020, pp. 88–102. O'NeillP. J. CaseyM. “Password entropy and its implications for security policies,” in Proc. IEEE Symp. Information Theory Security Paris, France 2020 88 102 Search in Google Scholar