Honeywords: Making Password-Cracking Detectable
This paper focuses on the scenario where an attacker of a specific system steals a file (or data on database) that contains the hashed passwords of system's user. The authors present the idea of honeywords to make such situation detectable. The paper suggests that instead of associating just one password to users accounts, more than one password is associated to all users accounts of the system, just one of these passwords is correct, others are just honeywords. The presented mechanism in this work lies under the umbrella of deception defense mechanisms.
Tweet
For Programmers Series are documents provided by ResearchCoders that explain the ideas of the paper for the programmers, you can download them from here. Please note that we always recommend to read the original paper also for better understanding.
# | Author | Download |
---|---|---|
1 | Mohammed Q. Hussain | Download |
If you've got an idea that has not mentioned in the original research and you think adding it to implemenations can be useful, you can share your idea here.