Towards Designing Advanced Password Cracking Toolkits: Optimizing the password cracking process

Jourdan, Pierre and Stavrou, Eliana orcid iconORCID: 0000-0003-4040-4942 (2019) Towards Designing Advanced Password Cracking Toolkits: Optimizing the password cracking process. In: Proceeding UMAP'19 Adjunct Adjunct Publication of the 27th Conference on User Modeling, Adaptation and Personalization, 9-12 June 2019, Larnaca, Cyprus.

[thumbnail of Author Accepted Manuscript] PDF (Author Accepted Manuscript) - Accepted Version
Restricted to Repository staff only
Available under License Creative Commons Attribution Non-commercial No Derivatives.

257kB

Official URL: https://doi.org/10.1145/3314183.3324967

Abstract

Passwords are still a widespread authentication mechanism that, despite the efforts of the cybersecurity community to educate people, they are often predictable. Therefore, there is a need for defenders, e.g. cybersecurity/IT administrators, to periodically assess the users’ passwords in their organization, improve their awareness on the security level and take measures to improve the situation. Password cracking can assist in the evaluation of the strength of passwords and a variety of tools exist to execute it.
The challenge with this is that it is a time-consuming process and it needs to be optimized to detect weak passwords within a
specific evaluation timeframe. To optimize the process, knowledge in the area and appropriate tools are required.
However, even though a lot of research is performed in this area, the knowledge and tools are scarce, challenging defenders’ tasks. Therefore, the need arises to promote the design of advanced tools, integrating existing user knowledge and creating powerful toolkits. This work presents the design of UPAT (Ultimate Password Awareness Toolkit), which specifies essential features to optimize the password cracking process. The evaluation results are encouraging as to the tool’s effectiveness and users’ satisfaction, demonstrating the importance of designing next generation password cracking toolkits to enhance the security of communication and information systems.


Repository Staff Only: item control page