Global ETD Search

21	Analýza technologií pro distribuci výpočtu při lámání hesel / Analysis of Distributed Computing Technologies for Password Cracking Mráz, Patrik January 2019 (has links) The goal of this thesis is to analyze the technologies for distributed computing in password cracking. Distribution is a key factor regarding the total time of cracking the password which can sometimes take up to tens of years. In the introductory section we take a look at the general password cracking, types of attacks and the most popular tools. Next we address the GPU parallelization as well as the need of distributed computing on multiple computers. We look at all kinds of technologies, such as VirtualCL, BOINC, MPI and analyze their usability in password cracking. We examine each technology's performance, efficiency, scalability and adaptability when given pre-defined conditions. Part of this thesis is a design and implementation of distributed password cracking using MPI technology along with Hashcat, a self-proclaimed World's fastest password cracker.
22	Optimalizace distribuce úloh v systému Fitcrack / Optimization of Task Distribution in Fitcrack System Ženčák, Tomáš January 2020 (has links) The goal of this thesis is the optimization of task distribution in the Fitcrack system. The improvement is reached by way of increasing the accuracy of the estimation of the computational power of worker nodes, and the prevention of the creation of extremely small tasks, as well as increasing the efficiency of the transfer of the tasks to the worker nodes. In this thesis, the current state of the Fitcrack system is described, tested, and evaluated. This thesis then describes the weak points of the current implementation, proposes ways of remediating them and describes, tests and evaluates the implementation of those proposals.
23	Modeling Rational Adversaries: Predicting Behavior and Developing Deterrents Benjamin D Harsha (11186139) 26 July 2021 (has links) In the field of cybersecurity, it is often not possible to construct systems that are resistant to all attacks. For example, even a well-designed password authentication system will be vulnerable to password cracking attacks because users tend to select low-entropy passwords. In the field of cryptography, we often model attackers as powerful and malicious and say that a system is broken if any such attacker can violate the desired security properties. While this approach is useful in some settings, such a high bar is unachievable in many security applications e.g., password authentication. However, even when the system is imperfectly secure, it may be possible to deter a rational attacker who seeks to maximize their utility. In particular, if a rational adversary finds that the cost of running an attack is higher than their expected rewards, they will not run that particular attack. In this dissertation we argue in support of the following statement: Modeling adversaries as rational actors can be used to better model the security of imperfect systems and develop stronger defenses. We present several results in support of this thesis. First, we develop models for the behavior of rational adversaries in the context of password cracking and quantum key-recovery attacks. These models allow us to quantify the damage caused by password breaches, quantify the damage caused by (widespread) password length leakage, and identify imperfectly secure settings where a rational adversary is unlikely to run any attacks i.e. quantum key-recovery attacks. Second, we develop several tools to deter rational attackers by ensuring the utility-optimizing attack is either less severe or nonexistent. Specifically, we develop tools that increase the cost of offline password cracking attacks by strengthening password hashing algorithms, strategically signaling user password strength, and using dedicated Application-Specific Integrated Circuits (ASICs) to store passwords. Computation Theory and Mathematics Computer System Security rational adversary cryptography passwords password security password cracking
24	Lösenordshanterare : Balansen mellan användbarhet och säkerhet / Password Managers : The balance between usability and security Andersson, Jessica Carina, Sanchez Lopez, Cristina, Carlson, Mona Vanessa Gun January 2022 (has links) Lösenord är idag den mest tillämpade metod som används vid verifiering av användare. Metoden är både enkel och kostnadseffektiv vilket verkar vara två faktorer som gjort denna verifieringsmetod populär. Men precis som många andra tillvägagångssätt har även denna sina brister. Ett stort problem med lösenordsverifiering är när människor på egen hand hanterar sina lösenord. Människor tenderar att skapa svaga lösenord och på grund av minnesbegränsningar är det många personer som återanvänder lösenord på flera konton. Minnet begränsar oss människor att komma ihåg flera olika lösenord. Detsamma gäller lösenord som är starka, det vill säga långa och slumpartade teckenkombinationer. Ett tillvägagångssätt för att hantera detta är användandet av lösenordshanterare. En tjänst som bland annat kan vara appbaserad eller webbläsarbaserad. Men trots mängden och variationen av lösenordshanterare har nyttjandet för denna lösning varit låg. För att ta reda på vad detta kan bero på har denna studie gjort en undersökning för att identifiera faktorer som påverkar användningen av lösenordshanterare både positivt respektive negativt. Undersökningen gjordes på 110 respondenter som via en enkät fick ange svar hur deras användning av lösenordshanterare ser ut och varför den ser ut som den gör. / Passwords are the most used method when it comes to verifying users. This method is both easy and cost effective which seems to be two factors that have made it so popular. But, just like many other verification methods, it has its flaws. A big problem is when people are left to their own when creating and sustaining passwords. People tend to create weak passwords as well as reuse them for different accounts. This, in order to save time and memory. Memory constraints prevent people from remembering several unique passwords as well as strong passwords, i.e randomized and long combinations of characters. One way to handle this problem is by using Password Managers. A password manager is a tool that helps the user manage passwords. This tool comes in variations and can be used as an independent app or as a plug-in for browsers. But despite this, the adoption rate continues to be low. To help figure out why, this study has conducted a literature search as well as a survey involving 110 people. Through this survey, answers could be categorized into factors that could influence the reasoning behind the usage and non-usage of password managers. Password Managers Password management Lösenordshanterare lösenordshantering Computer and Information Sciences Data- och informationsvetenskap
25	User Perception of their Password Habits in Terms of Security, Memorability, and Usability Florestedt, Louise, Andersson, Malin January 2024 (has links) In an era where digital security concerns are paramount, understanding users' behaviors and attitudes towards password management is crucial. This research examines users' perception of their password habits in terms of security, memorability, and usability. The study encompasses a comprehensive survey and interviews conducted with individuals across various professional backgrounds and age groups. A total of 87 online users responded to the questionnaire and ten individuals were interviewed to gather more in-depth data. The study aimed to understand how users perceive the trade-offs between security, memorability, and usability in their password habits and what factors influence their choices in creating and managing passwords. The findings reveal nuanced insights into users' password practices. While users acknowledge the importance of security, they often prioritize memorability and usability over stringent security measures. Factors such as convenience, familiarity, and personal preferences significantly influence password creation and management. Despite being aware of security risks associated with weak passwords and password reuse, users commonly engage in these practices due to the challenges posed by complex password requirements and the sheer volume of passwords needed for various accounts. Overall, this research underscores the importance of understanding users' perspectives on password habits to develop more effective strategies for promoting password security. By bridging the gap between user behavior and security policies, organizations may be able to tailor interventions that align with user preferences, thereby fostering a more secure online environment. Information Security Passwords Password Security Memorability Usability Password Habits Information Systems
26	PASSWORD SECURITY, AN ANALYSIS OF AUTHENTICATION METHODS Safder, Waqas January 2024 (has links) An era in which transactions and communication are quick and easy owing to fast-growing IT technology has commenced nowadays. Because of the extensive use of IT and its wide distribution, it is easy to access private information. Implementing more stringent computer security processes is vital to shielding this data from unlawful penetration, a never-ending battle. Data and service integrity, availability, and confidentiality are the three pillars upon which computer security stands. Password authentication is the key defense mechanism used among the systems battling security loopholes. This research selected a systematic literature review (SLR) to collect up-to-date data on different password security authentication mechanisms. A detailed review of the previous work isdone to gather all existing authentication techniques from the current literature and compare and select them for use in different settings. The result revealed the usages, benefits, and drawbacks of discovered password security and authentication methods. In the end, a framework is proposed to enhance the security of password systems. Password-Based Authentication Password Security Authentication Techniques Computer and Information Sciences Data- och informationsvetenskap
27	Finding structure in passwords : Using transformer models for password segmentation Eneberg, Lina January 2024 (has links) Passwords are common figures in everyone’s everyday life. One person has in average80 accounts for which they are supposed to use different passwords. Remembering allthese passwords is difficult and leads to people reusing, or reusing with slight modification,passwords on many accounts. Studies on memory show that information relating tosomething personal is more easily remembered. This is likely the reason as to why manypeople use passwords relating to either self, relatives, lovers, friends, or pets. Hackers will most often use either brute force or dictionary attacks to crack a password.These techniques can be quite time consuming so using machine learning could bea faster and easier approach. Segmenting someone’s previous passwords into meaningfulunits often reveals personal information about the creator and can thus be used as a basisfor password guessing. This report focuses on evaluating different sizes of the GPT-SW3model, which uses a transformer architecture, on password segmentation. The purposeis to find out if the GPT-SW3 model is suitable to use as a password segmenter and byextension if it can be used for password guessing. As training data, a list of passwords collected from a security breach on a platformcalled RockYou was used. The passwords were segmented by the author to provide themodel with a correct answer to learn from. The evaluation metric, Exact Match, checksif the model’s prediction is the same as that of the author. There were no positive resultswhen training GPT-SW3, most likely because of technical limitations. As the results arerather insufficient, future studies are required to prove or disprove the assumptions thisthesis is based on. transformer password segmentation GPT-SW3 memory password guessing
28	Exploring the Number of Tries Related to Cracking Passwords Generated with Different Strategies Birath, Marcus January 2019 (has links) As more services and workflows are moved into computerized systems the number of accounts a person has to be aware of is on steady increase. Today the average user is likely to have more than 25 accounts for different services used on a daily basis that all need authentication. The dominant authentication mechanism used today is still password authentication. In an attempt to satisfy the requirements of different password creation policies and to recall all passwords when needed users tend to rely on different strategies for password creation. These strategies may all seem to provide adequate security, and they may do, but the reality is that they differ tremendously in terms of how time consuming it is to crack passwords generated with the different strategies. By conducting interviews with domain experts different password creation strategies are discussed and pseudo algorithms for cracking passwords are constructed. Based on mutual definitions of the classes and a predefined word list the cost for cracking passwords generated by different strategies are explored. Major findings indicate that strategies based on phrases are at the top of the list. Using a strategy to create a seemingly random password based on a logical phrase, where only the first letter from each word is used, tends in some cases to be the best of choice. An example is to turn the phrase “this password is the greatest of them all” into “tpitgota” instead of using the phrase “goodword” to create an 8 character long password. However, if the phrase contains words not usually found in common dictionaries the best strategy seems instead to be utilizing character substitution as in turning the phrase “my dog Krillex is cool” into “myDoGkriLLExiscooL”. Password Cracking Strategies Computer and Information Sciences Data- och informationsvetenskap
29	Enhanced Password Security on Mobile Devices Liu, Dongtao January 2013 (has links) <p>Sleek and powerful touchscreen devices with continuous access to high-bandwidth wireless data networks have transformed mobile into a first-class development platform. Many applications (i.e., "apps") written for these platforms rely on remote services such as Dropbox, Facebook, and Twitter, and require users to provide one or more passwords upon installation. Unfortunately, today's mobile platforms provide no protection for users' passwords, even as mobile devices have become attractive targets for password-stealing malware and other phishing attacks.</p><p>This dissertation explores the feasibility of providing strong protections for passwords input on mobile devices without requiring large changes to existing apps.</p><p>We propose two approaches to secure password entry on mobile devices: ScreenPass and VeriUI. ScreenPass is integrated with a device's operating system and continuously monitors the device's screen to prevent malicious apps from spoofing the system's trusted software keyboard. The trusted keyboard ensures that ScreenPass always knows when a password is input, which allows it to prevent apps from sending password data to the untrusted servers. VeriUI relies on trusted hardware to isolate password handling from a device's operating system and apps. This approach allows VeriUI to prove to remote services that a relatively small and well-known code base directly handled a user's password data.</p> / Dissertation Computer science Mobile Computing Password Security Trusted UI
30	Token-based Graphical Password Authentication Gyorffy, John Unknown Date No description available. Graphical Password Phishing USB token Internet security Trojan

Search results