Mohammed Awad, Zakaria Al-Qudah, Sahar Idwan, A. Jallad
{"title":"密码安全:一个小型大学的密码行为分析","authors":"Mohammed Awad, Zakaria Al-Qudah, Sahar Idwan, A. Jallad","doi":"10.1109/ICEDSA.2016.7818558","DOIUrl":null,"url":null,"abstract":"No matter how sophisticated and advanced an organization's security system is, it remains vulnerable due to the human factor. In this paper, we conducted a survey to analyze the patterns used by the faculty, staff, and students when generating passwords at a small sized university. We found that users are not as aware of security requirements and practices as they think. Moreover, the vast majority of users' passwords are breakable within days or shorter. Interestingly, we found that using numbers and uppercase letters is common among users. However, numbers are mostly used at the end of the passwords and uppercase letters are mostly used at the beginning of passwords. The existence of such trends makes it easier for attackers to generate more effective dictionaries. Based on the analysis in this paper, we make recommendations to IT personnel and the general public to harden the security of their passwords.","PeriodicalId":247318,"journal":{"name":"2016 5th International Conference on Electronic Devices, Systems and Applications (ICEDSA)","volume":"218 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"Password security: Password behavior analysis at a small university\",\"authors\":\"Mohammed Awad, Zakaria Al-Qudah, Sahar Idwan, A. Jallad\",\"doi\":\"10.1109/ICEDSA.2016.7818558\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"No matter how sophisticated and advanced an organization's security system is, it remains vulnerable due to the human factor. In this paper, we conducted a survey to analyze the patterns used by the faculty, staff, and students when generating passwords at a small sized university. We found that users are not as aware of security requirements and practices as they think. Moreover, the vast majority of users' passwords are breakable within days or shorter. Interestingly, we found that using numbers and uppercase letters is common among users. However, numbers are mostly used at the end of the passwords and uppercase letters are mostly used at the beginning of passwords. The existence of such trends makes it easier for attackers to generate more effective dictionaries. Based on the analysis in this paper, we make recommendations to IT personnel and the general public to harden the security of their passwords.\",\"PeriodicalId\":247318,\"journal\":{\"name\":\"2016 5th International Conference on Electronic Devices, Systems and Applications (ICEDSA)\",\"volume\":\"218 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 5th International Conference on Electronic Devices, Systems and Applications (ICEDSA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICEDSA.2016.7818558\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 5th International Conference on Electronic Devices, Systems and Applications (ICEDSA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICEDSA.2016.7818558","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Password security: Password behavior analysis at a small university
No matter how sophisticated and advanced an organization's security system is, it remains vulnerable due to the human factor. In this paper, we conducted a survey to analyze the patterns used by the faculty, staff, and students when generating passwords at a small sized university. We found that users are not as aware of security requirements and practices as they think. Moreover, the vast majority of users' passwords are breakable within days or shorter. Interestingly, we found that using numbers and uppercase letters is common among users. However, numbers are mostly used at the end of the passwords and uppercase letters are mostly used at the beginning of passwords. The existence of such trends makes it easier for attackers to generate more effective dictionaries. Based on the analysis in this paper, we make recommendations to IT personnel and the general public to harden the security of their passwords.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
