Shancang Li
Password Pattern and Vulnerability Analysis for Web and Mobile Applications
Li, Shancang; Romdhani, Imed; Buchanan, William
Authors
Dr Imed Romdhani I.Romdhani@napier.ac.uk
Associate Professor
Prof Bill Buchanan B.Buchanan@napier.ac.uk
Professor
Abstract
Text⁃based passwords are heavily used to defense for many web and mobile applications. In this paper, we investigated the patterns and vulnerabilities for both web and mobile applications based on conditions of the Shannon entropy, Guessing entropy and Minimum entropy. We show how to substantially improve upon the strength of passwords based on the analysis of text⁃password entropies. By analyzing the passwords datasets of Rockyou and 163.com, we believe strong password can be designed based on good usability, deployability, rememberbility, and security entropies.
Citation
Li, S., Romdhani, I., & Buchanan, W. (2016). Password Pattern and Vulnerability Analysis for Web and Mobile Applications. ZTE Communications, 14, 32-36. https://doi.org/10.3969/j.issn.1673-5188.2016.S0.006
| Journal Article Type | Article |
|---|---|
| Acceptance Date | Jun 30, 2016 |
| Online Publication Date | Aug 1, 2016 |
| Publication Date | Jun 30, 2016 |
| Deposit Date | Sep 20, 2016 |
| Publicly Available Date | Oct 19, 2016 |
| Journal | ZTE Communications |
| Print ISSN | 16735188 |
| Peer Reviewed | Peer Reviewed |
| Volume | 14 |
| Pages | 32-36 |
| DOI | https://doi.org/10.3969/j.issn.1673-5188.2016.S0.006 |
| Keywords | password strength; security entropies; password vulnerabilities |
| Public URL | http://researchrepository.napier.ac.uk/Output/367587 |
Files
Password Pattern and Vulnerability Analysis for Web and Mobile Applications
(327 Kb)
PDF
You might also like
Distributed and compressed MIKEY mode to secure end-to-end communications in the Internet of things
(2016)
Presentation / Conference Contribution
A new dynamic weight clustering algorithm for wireless sensor networks
(2017)
Presentation / Conference Contribution
A new distributed MIKEY mode to secure e-health applications.
(2016)
Presentation / Conference Contribution
A Decentralized Batch-Based Group Key Management Protocol for Mobile Internet of Things (DBGK)
(2015)
Presentation / Conference Contribution
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search