IPASS: A novel open-source intelligence password scoring system

Joshua Hubbard; Gueltoum Bendiab; Stavros Shiaeles

doi:10.1109/CSR54599.2022.9850311

IPASS: A novel open-source intelligence password scoring system

Joshua Hubbard, Gueltoum Bendiab, Stavros Shiaeles

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Password is one of the first and simplest lines of defence that is usually implemented to protect against unauthorized access to a network, local computer, or software application. Unfortunately, all security reports warn that more than 80% of cyber incidents and security breaches are caused by a weak or stolen password. Thus, users should maintain strong passwords for all the online and offline accounts they have. However, determining what makes a strong password is no easy task, with current methods of password scoring producing various degrees of accuracy and success. This paper outlines a novel password scoring method that utilises a person's social media accounts to improve the accuracy of password scoring by building custom word lists, comparing the password to words found in a person's social media and searching through a large database of leaked or breached passwords. The testing results show that the proposed method is more accurate than the classic zxcvbn scoring method. We also intend to address privacy concerns that may arise as a result of the access to user personal data by using a blockchain-based data sharing solution that can ensure respect of the individual's privacy and allow them to control the trade-offs around disclosure of their personal information.

Original language	English
Title of host publication	Proceedings of the 2022 IEEE International Conference on Cyber Security and Resilience, CSR 2022
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	90-95
Number of pages	6
ISBN (Electronic)	9781665499521
ISBN (Print)	9781665499538
DOIs	https://doi.org/10.1109/CSR54599.2022.9850311
Publication status	Published - 16 Aug 2022
Event	2nd IEEE International Conference on Cyber Security and Resilience, CSR 2022 - Virtual, Online, Greece Duration: 27 Jul 2022 → 29 Jul 2022

Conference

Conference	2nd IEEE International Conference on Cyber Security and Resilience, CSR 2022
Country/Territory	Greece
City	Virtual, Online
Period	27/07/22 → 29/07/22

Keywords

Facebook
Password Scoring
Passwords
Social Media
Twitter

Access to Document

10.1109/CSR54599.2022.9850311

Cite this

@inproceedings{27eb1ea55cdc4b9f974ffcad004559d4,

title = "IPASS: A novel open-source intelligence password scoring system",

abstract = "Password is one of the first and simplest lines of defence that is usually implemented to protect against unauthorized access to a network, local computer, or software application. Unfortunately, all security reports warn that more than 80% of cyber incidents and security breaches are caused by a weak or stolen password. Thus, users should maintain strong passwords for all the online and offline accounts they have. However, determining what makes a strong password is no easy task, with current methods of password scoring producing various degrees of accuracy and success. This paper outlines a novel password scoring method that utilises a person's social media accounts to improve the accuracy of password scoring by building custom word lists, comparing the password to words found in a person's social media and searching through a large database of leaked or breached passwords. The testing results show that the proposed method is more accurate than the classic zxcvbn scoring method. We also intend to address privacy concerns that may arise as a result of the access to user personal data by using a blockchain-based data sharing solution that can ensure respect of the individual's privacy and allow them to control the trade-offs around disclosure of their personal information. ",

keywords = "Facebook, Password Scoring, Passwords, Social Media, Twitter",

author = "Joshua Hubbard and Gueltoum Bendiab and Stavros Shiaeles",

note = "No ISSN; 2nd IEEE International Conference on Cyber Security and Resilience, CSR 2022 ; Conference date: 27-07-2022 Through 29-07-2022",

year = "2022",

month = aug,

day = "16",

doi = "10.1109/CSR54599.2022.9850311",

language = "English",

isbn = "9781665499538",

pages = "90--95",

booktitle = "Proceedings of the 2022 IEEE International Conference on Cyber Security and Resilience, CSR 2022",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

address = "United States",

}

Hubbard, J, Bendiab, G & Shiaeles, S 2022, IPASS: A novel open-source intelligence password scoring system. in Proceedings of the 2022 IEEE International Conference on Cyber Security and Resilience, CSR 2022. Institute of Electrical and Electronics Engineers Inc., pp. 90-95, 2nd IEEE International Conference on Cyber Security and Resilience, CSR 2022, Virtual, Online, Greece, 27/07/22. https://doi.org/10.1109/CSR54599.2022.9850311

IPASS: A novel open-source intelligence password scoring system. / Hubbard, Joshua; Bendiab, Gueltoum; Shiaeles, Stavros.
Proceedings of the 2022 IEEE International Conference on Cyber Security and Resilience, CSR 2022. Institute of Electrical and Electronics Engineers Inc., 2022. p. 90-95.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - IPASS: A novel open-source intelligence password scoring system

AU - Hubbard, Joshua

AU - Bendiab, Gueltoum

AU - Shiaeles, Stavros

N1 - No ISSN

PY - 2022/8/16

Y1 - 2022/8/16

N2 - Password is one of the first and simplest lines of defence that is usually implemented to protect against unauthorized access to a network, local computer, or software application. Unfortunately, all security reports warn that more than 80% of cyber incidents and security breaches are caused by a weak or stolen password. Thus, users should maintain strong passwords for all the online and offline accounts they have. However, determining what makes a strong password is no easy task, with current methods of password scoring producing various degrees of accuracy and success. This paper outlines a novel password scoring method that utilises a person's social media accounts to improve the accuracy of password scoring by building custom word lists, comparing the password to words found in a person's social media and searching through a large database of leaked or breached passwords. The testing results show that the proposed method is more accurate than the classic zxcvbn scoring method. We also intend to address privacy concerns that may arise as a result of the access to user personal data by using a blockchain-based data sharing solution that can ensure respect of the individual's privacy and allow them to control the trade-offs around disclosure of their personal information.

AB - Password is one of the first and simplest lines of defence that is usually implemented to protect against unauthorized access to a network, local computer, or software application. Unfortunately, all security reports warn that more than 80% of cyber incidents and security breaches are caused by a weak or stolen password. Thus, users should maintain strong passwords for all the online and offline accounts they have. However, determining what makes a strong password is no easy task, with current methods of password scoring producing various degrees of accuracy and success. This paper outlines a novel password scoring method that utilises a person's social media accounts to improve the accuracy of password scoring by building custom word lists, comparing the password to words found in a person's social media and searching through a large database of leaked or breached passwords. The testing results show that the proposed method is more accurate than the classic zxcvbn scoring method. We also intend to address privacy concerns that may arise as a result of the access to user personal data by using a blockchain-based data sharing solution that can ensure respect of the individual's privacy and allow them to control the trade-offs around disclosure of their personal information.

KW - Facebook

KW - Password Scoring

KW - Passwords

KW - Social Media

KW - Twitter

UR - http://www.scopus.com/inward/record.url?scp=85137319370&partnerID=8YFLogxK

UR - https://www.ieee-csr.org/archive/2022/

U2 - 10.1109/CSR54599.2022.9850311

DO - 10.1109/CSR54599.2022.9850311

M3 - Conference contribution

AN - SCOPUS:85137319370

SN - 9781665499538

SP - 90

EP - 95

BT - Proceedings of the 2022 IEEE International Conference on Cyber Security and Resilience, CSR 2022

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2nd IEEE International Conference on Cyber Security and Resilience, CSR 2022

Y2 - 27 July 2022 through 29 July 2022

ER -

IPASS: A novel open-source intelligence password scoring system

Abstract

Conference

Keywords

Access to Document

Fingerprint

Cite this