41 |
Developing a passwordgenerating software : Regarding password memorability and security / Utveckling av programvara förlösenordsgenerering : Avseende till minnesvärdhet och säkerhet gällande lösenord
Mogaddam, Anton, Muhammad, Khan January 2022
With the growth of digital information and technology, more websites require user authentication to access individuals' sensitive information. The main form of authentication is passwords, which if chosen unwisely can easily be guessed or cracked by someone else. This is why it is important to create safe yet memorable passwords. The goal of this report was to develop a program that is able to detect commonly used patterns within passwords in order to transform a specified user-inputted password into a more secure password without sacrificing the memorability of the original input. This was realized by analyzing lists of common passwords and partaking in a literature study within this field to identify the patterns present within those password lists. Based on the pattern analysis, the program could be designed and developed using Python to transform a password into three different password classes with differing levels of security and memorability. The password cracking software hashcat as well as online resources were used to estimate the time it would take to crack each set of passwords, to then gain an understanding of the security levels between them. Results show that it is possible to perform password generation without sacrificing too much security while still having the passwords somewhat memorable. / With the emergence of digital information and technology, more websites require user authentication to gain access to individuals' sensitive information. The main form of authentication is passwords, and if they are chosen unwisely they can easily be guessed or cracked by someone else. That is why it is important to create secure yet memorable passwords. The goal of this report was to develop a program that can detect common patterns in passwords in order to transform a specific user-entered password into a more secure password without sacrificing the memorability of the original input. This is realized by analyzing lists of common passwords and taking part in a literature study in this area to identify the patterns found in these password lists. Based on the pattern analysis, the program could be designed and developed with Python to transform a password into three different password classes with different levels of security and memorability. The software "hashcat" (a password recovery tool) and online resources were used to estimate the time it would take to crack each set of passwords, in order to gain an understanding of the security levels between them. The results show that it is possible to generate passwords digitally without sacrificing too much security, while the passwords retain their memorability.
|
42 |
An Experimental Study on the Role of Password Strength and Cognitive Load on Employee Productivity
Mujeye, Stephen 01 January 2016
The proliferation of information systems (IS) over the past decades has increased the demand for system authentication. While the majority of system authentications are password-based, it is well documented that passwords have significant limitations. To address this issue, companies have been placing increased requirements on the user to ensure their passwords are more complex and consequently stronger. In addition to meeting a certain complexity threshold, the password must also be changed on a regular basis. As the cognitive load increases on the employees using complex passwords and changing them often, they may have difficulty recalling their passwords. As such, the focus of this experimental study was to determine the effects of raising the cognitive load of the authentication strength for users upon accessing a system via increased strength for password requirements. This experimental research uncovered the point at which raising the authentication strength for passwords becomes counterproductive by its impact on end-user performances.
To investigate the effects of changing the cognitive load (via different password strength) over time, a quasi-experiment was proposed. Data was collected in an effort to analyze the number of failed operating system (OS) logon attempts, users’ average logon times, average task completion times, and number of requests for assistance (unlock & reset account). Data was also collected for the above relationships when controlled for computer experience, age, and gender. This quasi-experiment included two experimental groups (Group A & B), and a control group (Group C). There was a total of 72 participants from the three groups. Additionally, a pretest-posttest experiment survey was administered before and after the quasi-experiment. Such assessment was done in an effort to see if user’s perceptions of password use would be changed by participating in this experimental study. The results indicated a significant difference between the user’s perceptions about passwords before and after the quasi-experiment.
The Multivariate Analysis of Variance (MANOVA) and Multivariate Analysis of Covariate (MANCOVA) tests were conducted. The results revealed a significant difference in the number of failed logon attempts, average logon times, average task completion, and amount of requests for assistance between the three groups (two treatment groups & the control group). However, no significant differences were observed when controlling for computer experience, age, and gender. This research study contributed to the body of knowledge and has implications for industry as well as for further study in the information systems domain. It contributed by giving insight into the point at which an increase of the cognitive load (via different password strengths) becomes counterproductive to the organization by causing an increase in number of failed OS logon attempts, users' average logon times, average task completion times, and number of requests for assistance (unlock and reset account). Future studies may be conducted in the industry as results may differ from college students.
|
43 |
O Teorema chinês dos restos e a partilha de senhas [The Chinese Remainder Theorem and password sharing]
PRAZERES, Sidmar Bezerra dos 16 June 2014
This paper aims to show the reader the importance of some topics of Number Theory. Work here, and prerequisites (Euclid Algorithms, Divisibility, Maximum Common Divisor), content with Linear Diophantine equations, congruences, and the main theme, which is the mighty Chinese Remainder Theorem of presenting their theories, importance, applicability on the day and its usefulness in the Theory of Numbers. The main applicability of Chinese Remainder Theorem of this work is Sharing Passwords. Sharing of passwords is a security mechanism, where a certain amount of people take possession of a key to access the secret without the possibility of obtaining the secret with his own key. / This work aims to show the reader the importance of some topics in Number Theory. Besides prerequisites (Euclid's Algorithm, Divisibility, Greatest Common Divisor), we will work here with content such as Linear Diophantine Equations, Congruences and the main theme, which is the powerful Chinese Remainder Theorem, presenting their theory, importance, everyday applicability and usefulness in Number Theory. The main application of the Chinese Remainder Theorem presented in this work is Password Sharing. This password sharing is a security mechanism in which a certain number of people take possession of an access key without the possibility of obtaining the main password with their own key.
|
44 |
Bezpečnost a ochrana dat a informací v bankovnictví pro manažery / Security and Protection of Data and Information in Banking Business for Managers
Melichar, Jan January 2009
This dissertation describes information as an economic object and focuses on information security with reference to all technical and social aspects and documents the necessity to consider both those areas simultaneously. The dissertation determines information security standards and describes some tools being used for effective data protection and information systems protection. One part of this dissertation is a model design for effective controlling of data and process protection, which can be used by bank managers on process control design especially in transaction processing area. This model is divided into several logical and consequential blocks and provides help to operating managers to design or redesign new or existing processes accordingly. The dissertation clearly highlights related insufficiencies especially those related to data access protection and passwords and one related survey has been performed to prove that
|
45 |
Ukládání důvěrných informací pro Windows Mobile / Confidential Information Storage for Windows Mobile System
Štorek, Vojtěch January 2010
Confidential information such as passwords, cryptographic keys, certificates, etc. is used every day in various places. A mobile phone can be a good storage for such information, but it is necessary to ensure data security. The main goal of this project is to create a program for Windows Mobile phones which will keep all the information in one place protected by a password. The designed program lets the user store passwords, cryptographic keys, various files, important contacts, credit card numbers, etc. Some of the stored information can be downloaded from a remote server via the FTP protocol or from a smart card. It is also possible for two clients to synchronize their information via the network, along with other useful functions.
|
46 |
Secure web applications against off-line password guessing attack : a two way password protocol with challenge response using arbitrary images
Lu, Zebin 14 August 2013
Indiana University-Purdue University Indianapolis (IUPUI) / Web applications are now being used in many security-oriented areas, including online shopping and e-commerce, which require the users to transmit sensitive information on the Internet. Therefore, successfully authenticating each party of a web application is very important. A popularly deployed technique for web authentication is the Hypertext Transfer Protocol Secure (HTTPS) protocol. However, the protocol does not protect careless users who connect to fraudulent websites from being trapped into tricks. For example, in a phishing attack, a web user who connects to an attacker may provide a password to the attacker, who can use it afterwards to log in to the target website and get the victim’s credentials. To prevent phishing attacks, the Two-Way Password Protocol (TPP) and Dynamic Two-Way Password Protocol (DTPP) were developed. However, there still exist potential security threats in those protocols. For example, an attacker who makes a fake website may obtain the hash of users’ passwords, and use that information to arrange offline password guessing attacks. Based on TPP, we incorporated challenge responses with arbitrary images to prevent the off-line password guessing attacks in our new protocol, TPP with Challenge response using Arbitrary image (TPPCA). Besides TPPCA, we developed another scheme called Rain to solve the same problem by dividing shared secrets into several rounds of negotiations. We discussed various aspects of our protocols, the implementation and experimental results.
|
47 |
Two-Factor Authentication : Selecting and implementing a two-factor authentication method for a digital assessment platform
Tellini, Niklas, Vargas, Fredrik January 2017
Two-Factor Authentication (2FA) is a two-step verification process that aims to provide an additional layer of security by requiring the user to authenticate himself/herself using a secondary means (ownership factor or inheritance factor). Without the use of 2FA, an attacker could gain access to a person’s devices or accounts solely by knowing the victim’s password, while with 2FA knowing only this password is insufficient to pass the authentication check. In this project, we analyze different methods in which 2FA could be implemented by a Digital Assessment Platform. These platforms allow test assessments to be built directly into digital content; therefore, an important requirement of these systems is secure authentication. Moreover, it is important to securely protect teachers’ accounts in order to avoid unauthorized people gaining access to those accounts. We investigate how 2FA could be used to add an extra layer of security to teachers’ accounts, focusing on cost, user experience, ease of use, and deployment of the solution. We arrived at the conclusion that 2FA through an ownership factor is a suitable method and we implemented a solution based upon One-Time Passwords. This thesis project will hopefully benefit Digital Assessment Platforms that wish to implement 2FA by providing broader knowledge regarding this subject. The project should also benefit society by increasing the general knowledge of 2FA, hence leading to more secure services. / Two-factor authentication (2FA) is a two-step verification process that aims to provide an extra level of security, in that it requires the user to authenticate themselves through a secondary factor (something one owns or has inherited). Without the use of 2FA, a perpetrator can gain access to a person's mobile device or account merely by knowing the victim's password. Knowing only the password is not sufficient for an authentication process to be approved if 2FA is implemented. In this project, different 2FA methods that could be implemented by a digital assessment platform are analyzed. Such platforms turn tests and exams into digital content and therefore require secure authentication. In addition, it is important to secure teachers' accounts to prevent unauthorized people from logging in to their accounts. We investigate how 2FA can be used to add an extra level of security to teachers' accounts, focusing on cost, user experience, ease of use and deployment of the solution. We concluded that 2FA via a factor one owns is a suitable method, and we then implemented a solution based on one-time passwords. This project can hopefully benefit digital assessment platforms that want to implement 2FA by providing broader knowledge in this area. The project could benefit the public by contributing to increased general knowledge of 2FA, thereby leading to more secure services.
|
48 |
Authentication challenges for people with neurodevelopmental disorders
Chrzan, Patryk January 2023
We live in a world where we increasingly depend on information technology, as much of our work and education occurs online, often from home. An average user has an increasing amount of accounts for all kinds of online services, making authentication more and more important. As people authenticate several times a day, it is important that everyone is able to use online services and authenticate themselves, including minorities such as individuals with neurodevelopmental disorders. This thesis explores the challenges people with neurodevelopmental disorders have with authentication as well as authentication methods that can help them. This was achieved by doing a systematic literature review on collected bibliography with the help of thematic analysis. 18 studies were analyzed and helped us answer the research questions and give us an overview of the research field. The analysis showed that text-based authentication was a big issue for individuals with neurodevelopmental disorders, where passwords were often highlighted as the culprit. Alternative authentication methods were identified but showed us that there was no easy fix to the issue at hand, and that more had to be done to make authentication more accessible. / We live in a world where we are increasingly dependent on information technology, since much of our work and education now takes place online instead, often even from home. An average user has a growing number of accounts for all kinds of online services, which makes authentication increasingly important. As people authenticate several times a day, it is important that everyone can use online services and authenticate themselves, including minorities such as individuals with neurodevelopmental disorders. This thesis explores the challenges that people with neurodevelopmental disorders have with authentication, as well as authentication methods that can help them. This was achieved by conducting a systematic literature review of collected bibliography with the help of thematic analysis. 18 studies were analyzed and helped us answer the research questions and give us an overview of the research field. The analysis showed that text-based authentication was a major problem for individuals with neurodevelopmental disorders, where passwords are often singled out as the culprit. The alternative authentication methods that were identified showed us that there was no simple solution to the problem and that more needs to be done to make authentication accessible to everyone.
|
49 |
Har vi verkligen ett säkert beteende på internet? : En kvalitativ studie om hur användare hanterar lösenord på internet och varför de gör som de gör. / Is our behavior on Internet secure? : A qualitative study on how users manage their online password and why they do as they do
Ahlqvist, Klas, Norell, Per-Ivar January 2022
Introduction: To be able to use the opportunities the internet offers, a user account that identifies and authenticates the user is required in many cases. A prerequisite for this to be secure is that no one else has access to the user's account details, which requires the user to have complex and unique passwords. Aim: In this study we examined what knowledge users have about secure passwords and how they act, and investigated why they act as they do. Method: The study was conducted as a qualitative interview study with 12 respondents of varying age and background. Results: Our results show that users' knowledge is often based on older recommendations that are no longer current. They also lack knowledge of what a password generator or password manager is and how they work. The knowledge gaps, combined with the desire for things to go quickly, mean that users do not carry out correct threat and impact assessments of the risks on the internet. Discussion/Conclusion: Users' knowledge needs to be raised to reduce the risks they expose themselves to. Technology is developing fast, and increased knowledge and awareness are required for secure behavior on the internet. / Introduction: An account that identifies and authorizes the user is nowadays almost a condition for the user’s ability to use the many services the Internet provides. If the account is to remain safe, only the user should have access to the user account. The user needs to create unique and complex passwords. Aim: In this study we have examined the end-user’s knowledge regarding safe passwords and how they act. We have also examined why they act as they do. Method: This qualitative study was made through interviews with 12 respondents of varying age. Results: Our findings show that the user’s knowledge often is based on older recommendations. They also lack knowledge about what a password generator, or a password manager, is and how they work. The lack of knowledge combined with a high wish of swift Internet usage leads to inadequate threat and impact assessments of Internet risks. Conclusion: The end-user’s knowledge regarding security online needs to be improved to reduce their risk exposure. The development of technology is moving fast, so a raised awareness is mandatory for a safe Internet behavior.
|
50 |
Biometriska säkerhetslösningars inverkan på IT-forensik inom polisen : En kvalitativ intervjustudie / Biometric security solution's effects on IT-forensics within the swedish police authority : A qualitative interview study
Bartha, Lars January 2018
Passwords have long been the method preferred by users to protect user accounts and sensitive information. In the quest to find simpler, faster and more secure authentication methods, biometric security solutions have quickly grown in popularity. Mobile phones have traditionally been protected by passwords but have more recently also begun to include some form of biometric sensor for authentication. By conducting a qualitative interview study with IT forensic examiners working at the Swedish Police Authority in various districts in Västra Götaland county, this study examined the research question: how have biometric security solutions, in comparison with passwords, affected the IT forensic examiner's work at the Police Authority? The study shows that biometric equipment does not provide extra security in comparison with passwords, since an underlying security code is always at hand in case the biometric sensor stops working. Biometric devices are thus burdened with the same kinds of weaknesses that have always existed with passwords. Keywords: biometrics, passwords, security, ethics, law, IT forensics. / Passwords have long been the users’ preferred method of choice to protect user accounts and sensitive data. In a strive to find simpler, quicker and more secure forms of authentication methods, biometric security solutions have seen an increase in popularity. Most mobile phones now include a type of biometric sensor as an option for authentication. By conducting a qualitative interview study with IT-forensics employed by the police force in different districts in Västra Götaland county, this study aims to investigate the research question: How have biometric security solutions in comparison to passwords influenced the working methods of IT-forensics at the Swedish Police Authority? The study shows that biometric security solutions give no added benefit to security in comparison to passwords, because there is always an underlying security code that is ready to be used in case the biometric authentication fails to work. Therefore, biometric devices suffer from the same kinds of weaknesses that have always plagued passwords. Keywords: biometrics, passwords, security, ethics, law, IT-forensics.
|