Using Fingerprint Authentication to Reduce System Security: An Empirical Study

Wimberly, Hugh; Liebrock, Lorie M.

doi:10.1109/sp.2011.35

Cited by 34 publications

(17 citation statements)

References 28 publications

(10 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Password research has consistently been limited by the difficulty of studying passwords used for high-value accounts. Lab studies have asked participants to create passwords that protect simulated accounts, $5, a chance to win an iPod in a raffle, or access to university course materials including homework and grades [9,11,26,49]. Other studies have relied on the leaked password lists like the RockYou set [42,46].…”

Section: Introductionmentioning

confidence: 99%

Guess Again (and Again and Again): Measuring Password Strength by Simulating Password-Cracking Algorithms

Kelley¹,

Komanduri²,

Mazurek³

et al. 2011

101

116

View full text Add to dashboard Cite

Text-based passwords remain the dominant authentication method in computer systems, despite significant advancement in attackers' capabilities to perform password cracking. In response to this threat, password composition policies have grown increasingly complex. However, there is insufficient research defining metrics to characterize password strength and evaluating password-composition policies using these metrics. In this paper, we describe an analysis of 12,000 passwords collected under seven composition policies via an online study. We develop an efficient distributed method for calculating how effectively several heuristic password-guessing algorithms guess passwords. Leveraging this method, we investigate (a) the resistance of passwords created under different conditions to password guessing; (b) the performance of guessing algorithms under different training sets; (c) the relationship between passwords explicitly created under a given composition policy and other passwords that happen to meet the same requirements; and (d) the relationship between guessability, as measured with password-cracking algorithms, and entropy estimates. We believe our findings advance understanding of both password-composition policies and metrics for quantifying password security.

show abstract

Section: Introductionmentioning

confidence: 99%

Guess Again (and Again and Again): Measuring Password Strength by Simulating Password-Cracking Algorithms

Kelley¹,

Komanduri²,

Mazurek³

et al. 2011

101

116

View full text Add to dashboard Cite

show abstract

“…This method gave 97.99% accuracy rate of verification by using IITK database. Hugh Wimberly et al, [23] told that Password is the weakest portion of many important systems. They made 96 employees to register in two accounts each and then made a survey how strong the passwords are.They made a proposal for verifying users by their biometrics.…”

Section: Literature Surveymentioning

confidence: 99%

A survey on biometric based crypto techniques

Ramya¹,

Saahithi²,

Gnaneswar³

et al. 2018

IJET

View full text Add to dashboard Cite

The biometric based crypto techniques extract the features from grayscale images and use those features in encryption process i.e., key will be generated from extracted features. In attribute based crypto-systems attributes of the user like email, usernames etc.…will be treated as a public key. Secret key is associated with each attribute i.e. for email there will be a secret key and for username there will be another secret key. In biometric based crypto systems, an access policy is built from the extracted biometric features.

show abstract

“…For instance, if the embedding algorithm remains unknown, the service provider can look for the appropriate standard watermark to check that a submitted image was indeed generated by a trusted machine (or sensor). Nonetheless, Replay attacks have been addressed using datahiding techniques [33] to secretly embed a telltale mark directly in the compressed fingerprint image.…”

Section: Fingerprint Recognitionmentioning

confidence: 99%

Modern Authentication Techniques in Smart Phones: Security and Usability Perspective

Shafique¹,

Khan²,

Waqar³

et al. 2017

ijacsa

View full text Add to dashboard Cite

Abstract-A smartphone has more advanced computing ability and connectivity than basic featured phones. Presently, we are moving from the Internet society to a mobile society where more and more access to the information is required. This has resulted in a mobile security which is no longer immanent, but imperative. Smartphone authentication has received substantial attention of the research community for the past several years because there have been modern developments beyond the classical PINs and passwords making user authentication more challenging. In this paper, we critically analyze the attacks and the vulnerabilities in smartphones' authentication mechanisms. A comparative analysis of different authentication techniques along with the usage of the different authentication methods is discussed which lead the end-user towards choosing the most suitable and customizable authentication technique.

show abstract

Using Fingerprint Authentication to Reduce System Security: An Empirical Study

Cited by 34 publications

References 28 publications

Guess Again (and Again and Again): Measuring Password Strength by Simulating Password-Cracking Algorithms

Guess Again (and Again and Again): Measuring Password Strength by Simulating Password-Cracking Algorithms

A survey on biometric based crypto techniques

Modern Authentication Techniques in Smart Phones: Security and Usability Perspective

Contact Info

Product

Resources

About