{"id":"https://openalex.org/W1993263140","doi":"https://doi.org/10.1145/2420950.2420966","title":"Building better passwords using probabilistic techniques","display_name":"Building better passwords using probabilistic techniques","publication_year":2012,"publication_date":"2012-12-03","ids":{"openalex":"https://openalex.org/W1993263140","doi":"https://doi.org/10.1145/2420950.2420966","mag":"1993263140"},"language":"en","primary_location":{"id":"doi:10.1145/2420950.2420966","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2420950.2420966","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 28th Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5072996215","display_name":"Shiva Houshmand","orcid":"https://orcid.org/0000-0003-0779-3595"},"institutions":[{"id":"https://openalex.org/I103163165","display_name":"Florida State University","ror":"https://ror.org/05g3dte14","country_code":"US","type":"education","lineage":["https://openalex.org/I103163165"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Shiva Houshmand","raw_affiliation_strings":["Florida State University, Tallahassee, FL"],"affiliations":[{"raw_affiliation_string":"Florida State University, Tallahassee, FL","institution_ids":["https://openalex.org/I103163165"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5102143121","display_name":"Sudhir Aggarwal","orcid":null},"institutions":[{"id":"https://openalex.org/I103163165","display_name":"Florida State University","ror":"https://ror.org/05g3dte14","country_code":"US","type":"education","lineage":["https://openalex.org/I103163165"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sudhir Aggarwal","raw_affiliation_strings":["Florida State University, Tallahassee, FL"],"affiliations":[{"raw_affiliation_string":"Florida State University, Tallahassee, FL","institution_ids":["https://openalex.org/I103163165"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5072996215"],"corresponding_institution_ids":["https://openalex.org/I103163165"],"apc_list":null,"apc_paid":null,"fwci":9.5721,"has_fulltext":false,"cited_by_count":55,"citation_normalized_percentile":{"value":0.97507702,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"109","last_page":"118"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9958000183105469,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10803","display_name":"Innovative Human-Technology Interaction","score":0.9549999833106995,"subfield":{"id":"https://openalex.org/subfields/1709","display_name":"Human-Computer Interaction"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.9543551206588745},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7868548631668091},{"id":"https://openalex.org/keywords/cognitive-password","display_name":"Cognitive password","score":0.7656922340393066},{"id":"https://openalex.org/keywords/password-strength","display_name":"Password strength","score":0.6872842907905579},{"id":"https://openalex.org/keywords/probabilistic-logic","display_name":"Probabilistic logic","score":0.6532506942749023},{"id":"https://openalex.org/keywords/password-policy","display_name":"Password policy","score":0.5882201194763184},{"id":"https://openalex.org/keywords/usability","display_name":"Usability","score":0.567910373210907},{"id":"https://openalex.org/keywords/password-cracking","display_name":"Password cracking","score":0.5036985278129578},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.49132218956947327},{"id":"https://openalex.org/keywords/s/key","display_name":"S/KEY","score":0.479094535112381},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.475940465927124},{"id":"https://openalex.org/keywords/one-time-password","display_name":"One-time password","score":0.3103913962841034},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.29727208614349365},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.21436262130737305},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.1240503191947937}],"concepts":[{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.9543551206588745},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7868548631668091},{"id":"https://openalex.org/C23875713","wikidata":"https://www.wikidata.org/wiki/Q5141232","display_name":"Cognitive password","level":5,"score":0.7656922340393066},{"id":"https://openalex.org/C70530487","wikidata":"https://www.wikidata.org/wiki/Q1990841","display_name":"Password strength","level":4,"score":0.6872842907905579},{"id":"https://openalex.org/C49937458","wikidata":"https://www.wikidata.org/wiki/Q2599292","display_name":"Probabilistic logic","level":2,"score":0.6532506942749023},{"id":"https://openalex.org/C98705547","wikidata":"https://www.wikidata.org/wiki/Q3394687","display_name":"Password policy","level":4,"score":0.5882201194763184},{"id":"https://openalex.org/C170130773","wikidata":"https://www.wikidata.org/wiki/Q216378","display_name":"Usability","level":2,"score":0.567910373210907},{"id":"https://openalex.org/C3847113","wikidata":"https://www.wikidata.org/wiki/Q2746524","display_name":"Password cracking","level":5,"score":0.5036985278129578},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.49132218956947327},{"id":"https://openalex.org/C4957475","wikidata":"https://www.wikidata.org/wiki/Q242186","display_name":"S/KEY","level":3,"score":0.479094535112381},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.475940465927124},{"id":"https://openalex.org/C89479133","wikidata":"https://www.wikidata.org/wiki/Q1137840","display_name":"One-time password","level":3,"score":0.3103913962841034},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.29727208614349365},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.21436262130737305},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.1240503191947937}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2420950.2420966","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2420950.2420966","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 28th Annual Computer Security Applications Conference","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":26,"referenced_works":["https://openalex.org/W42204834","https://openalex.org/W167157979","https://openalex.org/W178526229","https://openalex.org/W1548573590","https://openalex.org/W1599547597","https://openalex.org/W1987516957","https://openalex.org/W1997546901","https://openalex.org/W2014580322","https://openalex.org/W2037202491","https://openalex.org/W2050399908","https://openalex.org/W2061956102","https://openalex.org/W2066792529","https://openalex.org/W2079145130","https://openalex.org/W2091833612","https://openalex.org/W2097267243","https://openalex.org/W2099419188","https://openalex.org/W2100307718","https://openalex.org/W2109744978","https://openalex.org/W2111374852","https://openalex.org/W2113266120","https://openalex.org/W2123097583","https://openalex.org/W2135359429","https://openalex.org/W2150341374","https://openalex.org/W2171920515","https://openalex.org/W2343130604","https://openalex.org/W4285719527"],"related_works":["https://openalex.org/W2969720675","https://openalex.org/W1982158666","https://openalex.org/W3131491961","https://openalex.org/W2953105088","https://openalex.org/W2596766976","https://openalex.org/W2017283799","https://openalex.org/W2916013051","https://openalex.org/W4302810031","https://openalex.org/W1847856596","https://openalex.org/W4294993944"],"abstract_inverted_index":{"Password":[0],"creation":[1],"policies":[2,24],"attempt":[3],"to":[4,18,32,100,108,129,143,168,182,200,210],"help":[5],"users":[6],"generate":[7],"strong":[8,50,77,145,186],"passwords":[9,52,146,187],"but":[10],"are":[11,25,106],"generally":[12],"not":[13],"very":[14],"effective":[15,226],"and":[16,124,212,220],"tend":[17],"frustrate":[19],"users.":[20],"The":[21],"most":[22],"popular":[23],"rule":[26],"based":[27],"which":[28,176,189],"have":[29,33],"been":[30],"shown":[31],"clear":[34],"limitations.":[35],"In":[36,56,137,156,203],"this":[37],"paper":[38],"we":[39,45,59,117,140,206],"consider":[40],"a":[41,61,70,102,119,131,159,170,183,197,231],"new":[42],"approach":[43,58],"that":[44,48,66,222],"term":[46],"analyze-modify":[47,164],"ensures":[49],"user":[51,71,135],"while":[53],"maintaining":[54],"usability.":[55],"our":[57,138,163,204,223],"develop":[60],"software":[62],"system":[63,123,165,224],"called":[64],"AMP":[65,87],"first":[67],"analyzes":[68],"whether":[69],"proposed":[72],"password":[73,84,91,114,121],"is":[74,98],"weak":[75,99,148,173],"or":[76],"by":[78],"estimating":[79],"the":[80,83,90,110,113,201,218],"probability":[81],"of":[82,112,134,154,158,161,172,175,185,188],"being":[85],"cracked.":[86],"then":[88],"modifies":[89],"slightly":[92],"(to":[93],"maintain":[94],"usability)":[95],"if":[96],"it":[97],"create":[101],"strengthened":[103],"password.":[104],"We":[105],"able":[107,142,167],"estimate":[109],"strength":[111],"appropriately":[115],"since":[116],"use":[118,213,229],"probabilistic":[120,126],"cracking":[122],"associated":[125],"context-free":[127],"grammar":[128,219],"model":[130],"realistic":[132],"distribution":[133],"passwords.":[136,202],"experiments":[139],"were":[141],"distinguish":[144],"from":[147,217],"ones":[149],"with":[150,195,227],"an":[151],"error":[152],"rate":[153],"1.43%.":[155],"one":[157],"series":[160],"experiments,":[162],"was":[166],"strengthen":[169],"set":[171,184],"passwords,":[174],"53%":[177],"could":[178,192],"be":[179,193],"easily":[180],"cracked":[181,194],"only":[190,196],"0.27%":[191],"slight":[198],"modification":[199],"work,":[205],"also":[207],"show":[208,221],"how":[209],"compute":[211],"various":[214],"entropy":[215],"measures":[216],"remains":[225],"continued":[228],"through":[230],"dynamic":[232],"updating":[233],"capability.":[234]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":4},{"year":2019,"cited_by_count":4},{"year":2018,"cited_by_count":4},{"year":2017,"cited_by_count":6},{"year":2016,"cited_by_count":6},{"year":2015,"cited_by_count":5},{"year":2014,"cited_by_count":5},{"year":2013,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}