LightBlog
Contact at mumbai.academics@gmail.com or 8097636691/9323040215
Responsive Ads Here

Thursday, 22 March 2018

Honeywords: Making Password-Cracking Detectable

We propose a simple method for improving the security of  hashed passwords: the maintenance of additional “honey- words” (false passwords) associated with each user’s account. An adversary who steals a file of hashed passwords and in- verts the hash function cannot tell if he has found the password or a honeyword. The attempted use of a honeyword for login sets off an alarm. An auxiliary server (the “hon- eychecker”) can distinguish the user password from honey- words for the login routine, and will set off an alarm if a honeyword is submitted.

No comments:

Post a Comment