An Analysis on Vulnerabilities of Password Retrying

Ranak, M. S. A. Noman and Azad, Saiful and Safwan Fathi, Mohammad and Kamal Z., Zamli and Rahman, Mohammed Mostafizur (2018) An Analysis on Vulnerabilities of Password Retrying. Advanced Science Letters, 24 (10). pp. 7418-7422. ISSN 1936-6612. (Published)

[img]
Preview
Pdf
An Analysis on Vulnerabilities of Password Retrying.pdf

Download (320kB) | Preview

Abstract

Recently, due to security concerns, most of the computing systems have employed authentication based access control mechanisms. Again, in general, a considerable number of such systems we use in our day-to-day life. Hence, we also have to memorize a considerably large number of passwords, which incurs the issue of memorability. Mostly, a user retries password due to memorability problem. However, password retrying leads to several vulnerabilities. The main objective of this paper is to unveil these vulnerabilities with appropriate evidences. In this process, we discover and report an attack, named retry attack, which is discussed elaborately. An experiment has been performed and a survey has been conducted to examine the impact of such attack on 27 participants—where the experiment has been designed in such a way that it does not violate the ethical regulations of the university and preserves the secrecy of the participants’ passwords. The results evidently demonstrate the impact of such attack. At the end, some suggestions are noted that would assist a user to tackle this kind of attack.

Item Type: Article
Additional Information: JCR® Category: Multidisciplinary Sciences. Quartile: Q2
Uncontrolled Keywords: Password; authentication scheme; credential; password retrying
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty/Division: Centre of Excellence: IBM Centre of Excellence
Faculty of Computer System And Software Engineering
Institute of Postgraduate Studies
Depositing User: Pn. Hazlinda Abd Rahman
Date Deposited: 26 Mar 2018 03:26
Last Modified: 28 Feb 2020 01:21
URI: http://umpir.ump.edu.my/id/eprint/19609
Download Statistic: View Download Statistics

Actions (login required)

View Item View Item