the password doesn t fall far how service influences
play

The Password Doesnt Fall Far: How Service Influences Password Choice - PowerPoint PPT Presentation

Aug 21, 2023 •212 likes •474 views

The Password Doesnt Fall Far: How Service Influences Password Choice Miranda Wei, The University of Chicago Maximilian Golla, Ruhr University Bochum Blase Ur, The University of Chicago Baltimore, USA | August 12, 2018

  1. The Password Doesn’t Fall Far: How Service Influences Password Choice Miranda Wei, The University of Chicago 
 Maximilian Golla, Ruhr University Bochum Blase Ur, The University of Chicago Baltimore, USA | August 12, 2018

  2. https://myappletrees.com esdf Create a password for your MyAppleTrees account: MyAppleTreesPassword ! 2 Baltimore, USA | SOUPS WAY | August 12, 2018

  3. https://myappletrees.com esdf Create a password for your MyAppleTrees account: RedDelicious ! 3 Baltimore, USA | SOUPS WAY | August 12, 2018

  4. related work about password choice demographic factors account importance composition policies [Mazurek et al., CCS13] [Ur et al., SOUPS15] [Florêncio & Herley, WWW07] ! 4 Baltimore, USA | SOUPS WAY | August 12, 2018

  5. our research questions Do users make passwords related to… 1. … the name of the service? myappletrees 2. … the topic of the service? applepie ! 5 Baltimore, USA | SOUPS WAY | August 12, 2018

  6. methodology ! 6 Baltimore, USA | August 12, 2018

  7. five password leaks ! 7 Baltimore, USA | SOUPS WAY | August 12, 2018

  8. filtered out passwords that appeared in other leaks Top 1000 Passwords Top 1000 Passwords From From Each of the Battlefield Heroes Other Four Leaks ! 8 Baltimore, USA | SOUPS WAY | August 12, 2018

  9. filtered out passwords that appeared in other leaks Top 1000 Passwords Top 1000 Passwords From From Each of the Battlefield Heroes Other Four Leaks ! 8 Baltimore, USA | SOUPS WAY | August 12, 2018

  10. filtered out passwords that appeared in other leaks Top 1000 Passwords Top 1000 Passwords From From Each of the Battlefield Heroes Other Four Leaks ! 8 Baltimore, USA | SOUPS WAY | August 12, 2018

  11. filtered out passwords that appeared in other leaks Top 1000 Passwords Top 1000 Passwords From From Each of the Battlefield Heroes Other Four Leaks not service- specific service-specific ! 8 Baltimore, USA | SOUPS WAY | August 12, 2018

  12. filtered out passwords that appeared in other leaks Top 1000 Passwords Top 1000 Passwords From From Each of the Battlefield Heroes Other Four Leaks Brazzers last.fm LinkedIn Mate1 not service- specific service-specific ! 8 Baltimore, USA | SOUPS WAY | August 12, 2018

  13. qualitative coding Step 1: Initial Criteria Step 2: Open Coding Is the password related to… CODEBOOK • … the name of the service? • average of 7 codes/service • … the topic of the service? • coded 90% of analyzed passwords ! 9 Baltimore, USA | SOUPS WAY | August 12, 2018

  14. results ! 10 Baltimore, USA | August 12, 2018

  15. yes, related to name Top ten passwords per service after filtering ! 11 Baltimore, USA | SOUPS WAY | August 12, 2018

  16. yes, related to topic trooper pornstar networking headshot enjoyporn jobsearch iamthebest iloveporn business ! 12 Baltimore, USA | SOUPS WAY | August 12, 2018

  17. CODEBOOK ! 13 Baltimore, USA | SOUPS WAY | August 12, 2018

  18. users choose passwords based on other interests giants cadillac halflife patriots silverado warcraft3 wrestling peterbilt gamecube bowling accord viewsonic ! 14 Baltimore, USA | SOUPS WAY | August 12, 2018

  19. users choose passwords reflecting international backgrounds hejhej olamide jemoeder opeyemi wachtwoord babatunde panzer adekunle ! 15 Baltimore, USA | SOUPS WAY | August 12, 2018

  20. users invoke religion when it comes to jobs and love krishna ilovegod jesuschrist thankgod godisgreat ingodwetrust godislove godhelpme ! 16 Baltimore, USA | SOUPS WAY | August 12, 2018

  21. conclusions ! 17 Baltimore, USA | August 12, 2018

  22. need to account for site-specific keywords • password doesn’t fall far - 3-6% of passwords analyzed were directly related to name/ topic • many password-guessing tools/ models support custom wordlists ! 18 Baltimore, USA | SOUPS WAY | August 12, 2018

  23. use blacklists • at an absolute minimum, blacklist the service name! - looking at you: Spotify, Amazon, Facebook, Google, Hulu, Tumblr, Pinterest, Microsoft, Instagram, Twitter • balancing security and usability ! 19 Baltimore, USA | SOUPS WAY | August 12, 2018

  24. improve existing tools • popularity-based password-composition policies [Schechter et al., Hot Topics 10, Segreti et al., SOUPS17] • password-strength meters [Ur et al., CHI17] ! 20 Baltimore, USA | SOUPS WAY | August 12, 2018

  25. • Qualitative study of leaked passwords from Battlefield Heroes, Brazzers, last.fm, LinkedIn, and Mate1 • Passwords were related by service name, topic, and a variety of other salient semantic topics • Need to account for site-specific keywords The Password Doesn’t Fall Far: How Services Influence Password Choice Miranda Wei, Maximilian Golla, Blase Ur weim@uchicago.edu ! 21 title image: Baltimore, USA | SOUPS WAY | August 12, 2018 http:/ /www.fanpop.com/clubs/autumn/images/35580383/title/apple-orchard-photo

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1 1 11/17/09 2 2 11/17/09 The SiteKey. This is not a graphical password system. ...and I'm

1 1 11/17/09 2 2 11/17/09 The SiteKey. This is not a graphical password system. ...and I'm

11/17/09 1 1 11/17/09 2 2 11/17/09 The SiteKey. This is not a graphical password system. ...and I'm pretty sure it doesn't work. 3 3 11/17/09 - basic outline -problems with password usability and security -how various graphical

1.55k views • 86 slides
COMMUNITY & HOUSING SUSTAINABILITY INFLUENCES CONSUMER BEHAVIOR ULI Fall Meeting 2019

COMMUNITY & HOUSING SUSTAINABILITY INFLUENCES CONSUMER BEHAVIOR ULI Fall Meeting 2019

COMMUNITY & HOUSING SUSTAINABILITY INFLUENCES CONSUMER BEHAVIOR ULI Fall Meeting 2019 September 20, 2019 Gregg Logan, Managing Director MILLENNIALS AND SUSTAINABILITY "Today's consumers don't want to buy a product, they want to buy

303 views • 19 slides
Weaving at the Bauhaus: Origins and Influences Julia E. Benson TEXT 6910 Fall Semester, 2003

Weaving at the Bauhaus: Origins and Influences Julia E. Benson TEXT 6910 Fall Semester, 2003

Weaving at the Bauhaus: Origins and Influences Julia E. Benson TEXT 6910 Fall Semester, 2003 Johannes Itten Horizontal-Vertikal ,1915 Wassily Kandinsky Moscow I , 1916 Oil on canvas Collection of State Tretjakov Gallery,

684 views • 54 slides
Service Unit Fall Product Manager Training 1 FALL 2018 Who is a first time Service Unit Fall

Service Unit Fall Product Manager Training 1 FALL 2018 Who is a first time Service Unit Fall

Service Unit Fall Product Manager Training 1 FALL 2018 Who is a first time Service Unit Fall Product Manager? 2 3 The Team Product Program Team Carl Canale Susan Rakis Angela Foster Conchetta Jones Sheri Lambert Linda Miller Shari

1.22k views • 94 slides
Why Why Google Google Shopping doesn't Shopping doesn't work work for for many many retailers

Why Why Google Google Shopping doesn't Shopping doesn't work work for for many many retailers

Why Why Google Google Shopping doesn't Shopping doesn't work work for for many many retailers retailers Liam Patterson Founder & CEO Show of hands? Q: Who is actively running Google Shopping ? About You 27% of SHOPPERS 27% of

573 views • 30 slides
Recovery After Stroke and Genetic Influences of Neuroplasticity Noel F. So, MD Spalding

Recovery After Stroke and Genetic Influences of Neuroplasticity Noel F. So, MD Spalding

Recovery After Stroke and Genetic Influences of Neuroplasticity Noel F. So, MD Spalding Rehabilitation Hospital BIAC Fall Conference October 17, 2014 No Financial Disclosures/Off label Factors that Predict Mortality of Acute Stroke

785 views • 49 slides
Team Password Manager Password Management Software for Groups http://teampasswordmanager.com

Team Password Manager Password Management Software for Groups http://teampasswordmanager.com

Team Password Manager Password Management Software for Groups http://teampasswordmanager.com What is Team Password Manager - Password manager for groups and projects - Uses projects to group passwords - Secure, fine grained password sharing -

712 views • 9 slides
Cisco Passwords - Enforcing Minimum Password Length Common Types of Password Attacks Brute-Force

Cisco Passwords - Enforcing Minimum Password Length Common Types of Password Attacks Brute-Force

Cisco Passwords - Enforcing Minimum Password Length Common Types of Password Attacks Brute-Force Attack - tries every possible character combination as a password. To recover a single-letter password would require up to 26 combinations. A

415 views • 8 slides
November 1, 2017 Guest Login Wi-Fi Options : WiFi3 Password: wcccguest1603 Fall 2017

November 1, 2017 Guest Login Wi-Fi Options : WiFi3 Password: wcccguest1603 Fall 2017

Community Assembly November 1, 2017 Guest Login Wi-Fi Options : WiFi3 Password: wcccguest1603 Fall 2017 Cleaning from the Corridor Cleaning from the Corridor Another Successful Event! October 7 th - 9am-noon 25 total

610 views • 9 slides
Service Management Platform UIT Top 5 Fall 2013 Building a service culture Service Management

Service Management Platform UIT Top 5 Fall 2013 Building a service culture Service Management

Update on Service Management Platform UIT Top 5 Fall 2013 Building a service culture Service Management Necessary capability for UIT Embraces the ITIL framework NEEDED: a service management platform ITSM Platform Services

560 views • 43 slides
Is Password InSecurity Inevitable? Cryptographic Enhancements to Password Protocols Hugo

Is Password InSecurity Inevitable? Cryptographic Enhancements to Password Protocols Hugo

Is Password InSecurity Inevitable? Cryptographic Enhancements to Password Protocols Hugo Krawczyk (IBM Research) Works with Stanislaw Jarecki, Jiayu Xu (UC Irvine) Aggelos Kiayas (U Edinburgh) Nitesh Saxena, Maliheh Shirvanian (UA Birmingham)

750 views • 32 slides
Password, Authentication, Password Managers Week 4 Frank Chen | Spring 2017 Frank Chen | Spring

Password, Authentication, Password Managers Week 4 Frank Chen | Spring 2017 Frank Chen | Spring

LastPass, a Password Manager Application CS 88S Password, Authentication, Password Managers Week 4 Frank Chen | Spring 2017 Frank Chen | Spring 2017 Agenda Review last weeks material Some Definitions Password in the Cloud

584 views • 47 slides
LastPass An Introduction to Password Managers Why do I need a Password manager? Email is your

LastPass An Introduction to Password Managers Why do I need a Password manager? Email is your

LastPass An Introduction to Password Managers Why do I need a Password manager? Email is your Master Key When you forget a password, they send a reset link to your email. Anyone with access to your email has the power to reset your other

549 views • 31 slides
Proactive Password Checking Analyze proposed password for goodness Always invoked

Proactive Password Checking Analyze proposed password for goodness Always invoked

Proactive Password Checking Analyze proposed password for goodness Always invoked Can detect, reject bad passwords for an appropriate definition of bad Discriminate on per-user, per-site basis Needs to do

363 views • 21 slides
Prevention & Recovery Conference Countering Pro-Marijuana Influences in the Community

Prevention & Recovery Conference Countering Pro-Marijuana Influences in the Community

Prevention & Recovery Conference Countering Pro-Marijuana Influences in the Community Findings from a Service to Science Evaluation Enhancement November 6, 2014 Oklahoma City National Exemplary Award for National Exemplary Award for

415 views • 40 slides
Day 3 If you are still using the default password that was assigned when your account was

Day 3 If you are still using the default password that was assigned when your account was

Day 3 If you are still using the default password that was assigned when your account was created, CHANGE IT NOW! (It can be the same as your email password.) Day 3 Steps in compiling: (Optional preprocessing) Lexical analysis

483 views • 17 slides
Housing C Housing Counseling ounseling System (HCS) T System (HCS) Today oday and i and in

Housing C Housing Counseling ounseling System (HCS) T System (HCS) Today oday and i and in

Housing C Housing Counseling ounseling System (HCS) T System (HCS) Today oday and i and in the n the Futur Future Open Doors with Housing Counseling August 08, 2019 OFFICE OF HOUSING COUNSELING 1 Speakers Joel Ibaez, U.S.

594 views • 43 slides
Refresh Your Knowledge 5 In TD learning with linear VFA (select all): w = w + ( r ( s t ) +

Refresh Your Knowledge 5 In TD learning with linear VFA (select all): w = w + ( r ( s t ) +

Lecture 6: CNNs and Deep Q Learning 1 Emma Brunskill CS234 Reinforcement Learning. Winter 2020 1 With many slides for DQN from David Silver and Ruslan Salakhutdinov and some vision slides from Gianni Di Caro and images from Stanford CS231n,

886 views • 55 slides
Renewal Monte Carlo: Renewal theory based reinforcement learning Jayakumar Subramanian and

Renewal Monte Carlo: Renewal theory based reinforcement learning Jayakumar Subramanian and

Renewal Monte Carlo: Renewal theory based reinforcement learning Jayakumar Subramanian and Aditya Mahajan 57th IEEE Conference on Decision and Control, Miami Beach, FL, USA, December 17-19, 2018 RL has achieved considerable success

1k views • 87 slides
A General Approach to Discovering, Registering, and Extracting Features from Raster Maps Craig

A General Approach to Discovering, Registering, and Extracting Features from Raster Maps Craig

Information Sciences Institute Agent of Innovation : from visionary to viable A General Approach to Discovering, Registering, and Extracting Features from Raster Maps Craig Knoblock University of Southern California & Geosemble

500 views • 39 slides
A wavelet based approach to climate biome clustering Derek Desantis University of Nebraska -

A wavelet based approach to climate biome clustering Derek Desantis University of Nebraska -

A wavelet based approach to climate biome clustering Introduction A wavelet based approach to climate biome clustering Derek Desantis University of Nebraska - Lincoln August 7, 2018 A wavelet based approach to climate biome clustering

693 views • 48 slides
Characterizing Social Insider Attacks on Facebook Wali Ahmed Usmani, Diogo Marques, Ivan

Characterizing Social Insider Attacks on Facebook Wali Ahmed Usmani, Diogo Marques, Ivan

Characterizing Social Insider Attacks on Facebook Wali Ahmed Usmani, Diogo Marques, Ivan Beschastnikh, Konstantin Beznosov, Tiago Guerreiro and Lus Carrio Social insider attacks on Facebook Social insider: perpetrator is someone

428 views • 25 slides
Show, Attend and Tell: Neural Image Caption Generation with Visual Attention Kelvin Xu, Jimmy

Show, Attend and Tell: Neural Image Caption Generation with Visual Attention Kelvin Xu, Jimmy

Show, Attend and Tell: Neural Image Caption Generation with Visual Attention Kelvin Xu, Jimmy Ba, Ryan Kiros, Kyunghyun Cho, Aaron Courville, Ruslan Salakhutdinov, Richard Zemel, Yoshua Bengio Presented by Kathy Ge Motivation: Attention

567 views • 20 slides
Text-Based Ideal Points Keyon Vafa Columbia University Joint work with: Suresh Naidu David

Text-Based Ideal Points Keyon Vafa Columbia University Joint work with: Suresh Naidu David

Text-Based Ideal Points Keyon Vafa Columbia University Joint work with: Suresh Naidu David Blei Columbia University Columbia University Ideal Points Image Source: New York Times Ideal Points Bayesian Ideal Points Probabilistic method

615 views • 23 slides

More recommend