Passwords are simple, yet they are a critical component of most security systems. Because a password protects the user's sensitive information, it must be secure and make it hard for a third party to break into a system. It is therefore important to provide a best-practice password creation and management policy that can be used universally.
In this paper, we look at the most widely used password policies and practices and propose changes in the form of our own new policy. Finally, we show visualized data and a real-time implementation of the password policy.
Table of Contents
I. INTRODUCTION
A. Collecting and testing
II. Measuring password strength
III. Results
IV. Multilingual password
V. location based tracking
VI. multiway authentication
VII. related
VIII. Conclusion
Research Objectives and Themes
The primary objective of this study is to address the persistent vulnerabilities in authentication processes by analyzing leaked password databases and proposing a more robust, universal password policy. The research examines current weaknesses in password management and introduces enhanced security mechanisms to protect user credentials against modern brute force and guessing attacks.
- Analysis of trends in leaked password datasets to identify common user patterns.
- Evaluation of traditional password strength metrics and their limitations.
- Implementation of multilingual password support to increase the complexity for attackers.
- Integration of location-based tracking for proactive account compromise detection.
- Development of multi-layer authentication strategies, including OTP integration.
Excerpt from the Book
I. INTRODUCTION
Many things have changed in the past few years, yet password policy and the authentication process remain the same: a username and a password. Moreover, most passwords contain the username in different combinations, which a hacker can guess, making the user a victim. As everyone depends on passwords to protect their personal and other information, more secure mechanisms are required to protect data [4].
Textual passwords are the most commonly used mechanism in most systems, including the banking sector and social media, which carry extremely sensitive user information. Yet there is no universal password policy; every organization uses a different password policy and makes it harder for the user to remember the password by requiring symbols, numbers, etc.
Password datasets.
In our work, we collect a large number of leaked password databases to analyze. In the process, we came across leaked passwords from LinkedIn and Reddit and the well-known RockYou database, which helped us analyze the trends in recent passwords and make a more secure password policy. As we can see, passwords have been leaked more than 3-4 times in the past five years. Our aim is that even if passwords are leaked, it would be hard for the hacker to enter the user's account, since the passwords are in different languages.
Summary of Chapters
I. INTRODUCTION: This chapter highlights the ongoing dependency on traditional username and password authentication and introduces the need for more secure, universal password policies based on leaked data analysis.
A. Collecting and testing: This section details the methodology used to analyze leaked database entries, including the identification of common password patterns and vulnerabilities using Jupyter notebooks.
II. Measuring password strength: This chapter defines the criteria for password robustness and outlines key recommendations for creating secure passwords, such as minimum length and complexity requirements.
III. Results: This chapter provides visual representations of the most common password patterns, character usage, and statistical data derived from the analyzed datasets.
IV. Multilingual password: This section proposes the use of multi-language support in password policies to increase the complexity and difficulty for attackers attempting to brute force passwords.
V. location based tracking: This chapter introduces a security mechanism that tracks user login locations to detect potential account compromises when a login attempt occurs from an unrecognized range.
VI. multiway authentication: This section discusses the implementation of multi-layer authentication, specifically utilizing One-Time Passwords (OTP) to add an extra security layer beyond textual passwords.
VII. related: This chapter reviews historical modifications in password policies and notes the lack of comprehensive analysis regarding multilingual password inputs in current security research.
VIII. Conclusion: The final chapter summarizes the necessity of moving beyond traditional metrics and advocates for the implementation of the proposed multi-layered security approach for modern web applications.
Keywords
Password Policy, Authentication, Brute Force Attack, Password Strength, Data Breach, Cybersecurity, Multilingual Password, Location-Based Tracking, Multiway Authentication, OTP, Credential Security, Password Analysis, Security Metrics, User Privacy, Web Security
Frequently Asked Questions
What is the core focus of this research paper?
The paper focuses on the persistent vulnerabilities of traditional password-based authentication and proposes a more secure, universal password policy framework to protect users.
What are the central thematic areas of the study?
The study centers on analyzing password leaks, defining password strength, implementing multilingual support, location-based tracking, and multi-factor authentication methods.
What is the primary objective or research question?
The primary objective is to create a more robust and complex password management system that remains secure even if database leaks occur.
Which scientific methods are employed?
The authors utilize data analysis of leaked databases (like those from LinkedIn and Reddit) using Jupyter notebooks to identify trends and validate security hypotheses.
What topics are covered in the main body?
The main body covers password strength measurement, the visualization of common password patterns, the benefits of multilingual passwords, location-based tracking, and multi-layer authentication.
Which keywords best characterize this work?
Key terms include Password Policy, Brute Force Attack, Multilingual Password, Location-Based Tracking, Multiway Authentication, and Data Breach.
Why is multilingual password support suggested as a security measure?
It is suggested because it forces attackers to identify the specific language used for the password, significantly increasing the complexity of brute force attacks.
How does the proposed location-based tracking function?
The system stores the user's last login location; if a future login attempt originates from outside the expected range, the account is flagged as potentially compromised.
What is the role of OTP in this research?
OTP is recommended as a multi-layer authentication component to ensure that even if primary password credentials are leaked, an attacker cannot gain access without the additional time-sensitive code.
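The location check and the OTP layer described in the answers above can be combined into one login decision. The following Python is an added example, not code from the paper; the 100 km range, the `LocationTracker` class, the decision labels and the rule that a first login enrolls the baseline are assumptions, since the page gives no concrete values.

```python
import math
from dataclasses import dataclass, field

EARTH_RADIUS_KM = 6371.0
ALLOWED_RANGE_KM = 100.0  # assumption: the paper's page states no concrete range


def haversine_km(a, b):
    """Great-circle distance in km between two (lat, lon) pairs in degrees."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(h))


@dataclass
class LocationTracker:
    """Keeps the last accepted login location per user (hypothetical helper)."""
    last_seen: dict = field(default_factory=dict)

    def check_login(self, user, location, otp_verified=False):
        """Decide on a login whose password already matched.

        Returns "enroll" (first login, baseline stored), "allow", or "flag".
        """
        known = self.last_seen.get(user)
        if known is None:
            self.last_seen[user] = location
            return "enroll"
        in_range = haversine_km(known, location) <= ALLOWED_RANGE_KM
        if in_range or otp_verified:
            self.last_seen[user] = location  # move the baseline only on accepted logins
            return "allow"
        # Out of range and no OTP: flag, and leave the baseline untouched so a
        # guessed password cannot re-anchor the account to the new location.
        return "flag"


if __name__ == "__main__":
    tracker = LocationTracker()
    chennai, munich = (13.0827, 80.2707), (48.1351, 11.5820)  # constructed sample coordinates
    for loc, otp in [(chennai, False), (munich, False), (munich, True)]:
        print(tracker.check_login("alice", loc, otp_verified=otp))
```

A flagged login keeps the stored location unchanged, so only a login confirmed by the second factor can shift the expected range.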
- Cite this work
- Shiva Reddy (Author), Saikat Sinha (Author), G. Abirami (Author), 2017, Secure Password Policy. Current Situation and Solutions, München, GRIN Verlag, https://www.grin.com/document/359321