메뉴 건너뛰기




Volumn , Issue , 2015, Pages 253-262

Password meters and generators on the web: From large-scale empirical study to getting it right

Author keywords

Passwords; Sandboxing; Web security

Indexed keywords

WEB SERVICES;

EID: 84928107691     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2699026.2699118     Document Type: Conference Paper
Times cited : (11)

References (67)
  • 1
    • 84872105489 scopus 로고    scopus 로고
    • JSand: Complete client-side sandboxing of third-party JavaScript without browser modifications
    • P. Agten, S. Van Acker, Y. Brondsema, P. H. Phung, L. Desmet, and F. Piessens. JSand: Complete client-side sandboxing of third-party JavaScript without browser modifications. In ACSAC, 2012.
    • (2012) ACSAC
    • Agten, P.1    Van Acker, S.2    Brondsema, Y.3    Phung, P.H.4    Desmet, L.5    Piessens, F.6
  • 6
    • 84878353718 scopus 로고    scopus 로고
    • The quest to replace passwords: A framework for comparative evaluation of web authentication schemes
    • J. Bonneau, C. Herley, P. C. van Oorschot, and F. Stajano. The quest to replace passwords: A framework for comparative evaluation of web authentication schemes. In S&P, 2012.
    • (2012) S&P
    • Bonneau, J.1    Herley, C.2    Van Oorschot, P.C.3    Stajano, F.4
  • 10
    • 84928121898 scopus 로고    scopus 로고
    • CrackLib. http://cracklib.sourceforge.net/.
    • CrackLib
  • 12
    • 84926172214 scopus 로고    scopus 로고
    • CryptoJS. https://code.google.com/p/crypto-js/.
    • CryptoJS
  • 13
    • 85104527602 scopus 로고    scopus 로고
    • From very weak to very strong: Analyzing password-strength meters
    • X. de Carné de Carnavalet and M. Mannan. From very weak to very strong: Analyzing password-strength meters. In NDSS, 2014.
    • (2014) NDSS
    • De Carné, X.1    Mannan, M.2
  • 14
    • 84864195701 scopus 로고    scopus 로고
    • How unique is your web browser?
    • P. Eckersley. How unique is your web browser? In PET, 2010.
    • (2010) PET
    • Eckersley, P.1
  • 15
    • 84970892068 scopus 로고    scopus 로고
    • Does my password go up to eleven?: The impact of password meters on password selection
    • S. Egelman, A. Sotirakopoulos, I. Muslukhov, K. Beznosov, and C. Herley. Does my password go up to eleven?: The impact of password meters on password selection. In SIGCHI, 2013.
    • (2013) SIGCHI
    • Egelman, S.1    Sotirakopoulos, A.2    Muslukhov, I.3    Beznosov, K.4    Herley, C.5
  • 18
    • 84914175165 scopus 로고    scopus 로고
    • TreeHouse: JavaScript sandboxes to help web developers help themselves
    • L. Ingram and M. Walfish. TreeHouse: JavaScript sandboxes to help web developers help themselves. In USENIX ATC, 2012.
    • (2012) USENIX ATC
    • Ingram, L.1    Walfish, M.2
  • 19
    • 84928102259 scopus 로고    scopus 로고
    • Jacaranda
    • Jacaranda. Jacaranda. http://jacaranda.org.
    • Jacaranda
  • 20
    • 57349089194 scopus 로고    scopus 로고
    • Forcehttps: Protecting high-security web sites from network attacks
    • C. Jackson and A. Barth. Forcehttps: Protecting high-security web sites from network attacks. In WWW, 2008.
    • (2008) WWW
    • Jackson, C.1    Barth, A.2
  • 21
    • 35348905576 scopus 로고    scopus 로고
    • Subspace: Secure cross-domain communication for web mashups
    • C. Jackson and H. J. Wang. Subspace: Secure cross-domain communication for web mashups. In WWW, 2007.
    • (2007) WWW
    • Jackson, C.1    Wang, H.J.2
  • 22
    • 35348860223 scopus 로고    scopus 로고
    • Defeating script injection attacks with browser-enforced embedded policies
    • T. Jim, N. Swamy, and M. Hicks. Defeating Script Injection Attacks with Browser-Enforced Embedded Policies. In WWW, 2007.
    • (2007) WWW
    • Jim, T.1    Swamy, N.2    Hicks, M.3
  • 24
    • 57449096326 scopus 로고    scopus 로고
    • Smash: Secure component model for cross-domain mashups on unmodified browsers
    • F. D. Keukelaere, S. Bhola, M. Steiner, S. Chari, and S. Yoshihama. Smash: Secure component model for cross-domain mashups on unmodified browsers. In WWW, 2008.
    • (2008) WWW
    • Keukelaere, F.D.1    Bhola, S.2    Steiner, M.3    Chari, S.4    Yoshihama, S.5
  • 25
    • 0040231044 scopus 로고
    • Foiling the cracker: A survey of, and improvements to, password security
    • D. V. Klein. Foiling the cracker: A survey of, and improvements to, password security. USENIX Security, 1990.
    • (1990) USENIX Security
    • Klein, D.V.1
  • 26
    • 84928104481 scopus 로고    scopus 로고
    • Leet. http://en.wikipedia.org/wiki/Leet.
    • Leet
  • 27
    • 84862920250 scopus 로고    scopus 로고
    • Contego: Capability-based access control for web browsers
    • T. Luo and W. Du. Contego: Capability-based access control for web browsers. In TRUST, 2011.
    • (2011) TRUST
    • Luo, T.1    Du, W.2
  • 28
    • 70350525212 scopus 로고    scopus 로고
    • Language-based isolation of untrusted Javascript
    • S. Maéis and A. Taly. Language-based isolation of untrusted Javascript. In CSF, 2009.
    • (2009) CSF
    • Maéis, S.1    Taly, A.2
  • 29
    • 84975280608 scopus 로고    scopus 로고
    • Safe wrappers and sane policies for self protecting JavaScript
    • J. Magazinius, P. Phung, and D. Sands. Safe wrappers and sane policies for self protecting JavaScript. In Nordsec, 2010.
    • (2010) Nordsec
    • Magazinius, J.1    Phung, P.2    Sands, D.3
  • 30
    • 77955186827 scopus 로고    scopus 로고
    • ConScript: Specifying and enforcing fine-grained security policies for Javascript in the browser
    • L. Meyerovich and B. Livshits. ConScript: Specifying and enforcing fine-grained security policies for Javascript in the browser. In S&P, 2010.
    • (2010) S&P
    • Meyerovich, L.1    Livshits, B.2
  • 31
    • 77957853454 scopus 로고    scopus 로고
    • Create strong passwords. https://www.microsoft. com/security/pc-security/password-checker.aspx.
    • Create Strong Passwords
  • 34
    • 0018543411 scopus 로고
    • Password security - A case history
    • R. Morris and K. Thompson. Password security - a case history. Commun. ACM, 22(11):594-597, 1979.
    • (1979) Commun. ACM , vol.22 , Issue.11 , pp. 594-597
    • Morris, R.1    Thompson, K.2
  • 37
    • 21644437713 scopus 로고    scopus 로고
    • Making a faster cryptanalytic time-memory trade-off
    • P. Oechslin. Making a faster cryptanalytic time-memory trade-off. In CRYPTO, 2003.
    • (2003) CRYPTO
    • Oechslin, P.1
  • 39
    • 84903565972 scopus 로고    scopus 로고
    • OWASP
    • OWASP. HTML5 Security Cheat Sheet. https://www. owasp.org/index.php/HTML5-Security-Cheat-Sheet.
    • HTML5 Security Cheat Sheet
  • 40
    • 84928121888 scopus 로고    scopus 로고
    • OWASP
    • OWASP. Password storage cheat sheet. https://www.owasp.org/index.php/Password-Storage-Cheat-Sheet.
    • Password Storage Cheat Sheet
  • 41
    • 77952327855 scopus 로고    scopus 로고
    • Lightweight self-protecting JavaScript
    • P. H. Phung, D. Sands, and A. Chudnov. Lightweight self-protecting JavaScript. In ASIACCS, 2009.
    • (2009) ASIACCS
    • Phung, P.H.1    Sands, D.2    Chudnov, A.3
  • 44
    • 0036559882 scopus 로고    scopus 로고
    • Improving computer security for authentication of users: Inuence of proactive password restrictions
    • R. W. Proctor, M.-C. Lien, K.-P. L. Vu, E. E. Schultz, and G. Salvendy. Improving computer security for authentication of users: Inuence of proactive password restrictions. BRMIC, 34(2):163-9, 2002.
    • (2002) BRMIC , vol.34 , Issue.2 , pp. 163-169
    • Proctor, R.W.1    Lien, M.-C.2    Vu, K.-P.3    Schultz, E.E.4    Salvendy, G.5
  • 46
    • 84928121887 scopus 로고    scopus 로고
    • A million tested passwords. http://www.pts.se/en-GB/News/Press-releases/2012/A-million-tested-passwords/.
    • A Million Tested Passwords
  • 47
    • 85076780225 scopus 로고    scopus 로고
    • BrowserShield: Vulnerability-driven filtering of dynamic HTML
    • C. Reis, J. Dunagan, H. J. Wang, O. Dubrovsky, and S. Esmeir. BrowserShield: Vulnerability-driven filtering of dynamic HTML. In OSDI, 2006.
    • (2006) OSDI
    • Reis, C.1    Dunagan, J.2    Wang, H.J.3    Dubrovsky, O.4    Esmeir, S.5
  • 50
    • 0016555241 scopus 로고
    • The protection of information in computer systems
    • J. H. Saltzer and M. D. Schroeder. The protection of information in computer systems. IEEE, 1975.
    • (1975) IEEE
    • Saltzer, J.H.1    Schroeder, M.D.2
  • 51
    • 84928121885 scopus 로고    scopus 로고
    • Sharethis. http://www.sharethis.com/.
    • Sharethis
  • 52
    • 84928121884 scopus 로고    scopus 로고
    • Taboola. https://www.taboola.com/.
    • Taboola
  • 55
    • 84928121882 scopus 로고    scopus 로고
    • Tynt. http://www.tynt.com/.
    • Tynt
  • 57
    • 84855708536 scopus 로고    scopus 로고
    • WebJail: Least-privilege integration of third-party components in web mashups
    • S. Van Acker, P. De Ryck, L. Desmet, F. Piessens, and W. Joosen. WebJail: Least-privilege integration of third-party components in web mashups. In ACSAC, 2011.
    • (2011) ACSAC
    • Van Acker, S.1    De Ryck, P.2    Desmet, L.3    Piessens, F.4    Joosen, W.5
  • 64
    • 78650022232 scopus 로고    scopus 로고
    • Testing metrics for password creation policies by attacking large sets of revealed passwords
    • M. Weir, S. Aggarwal, M. P. Collins, and H. Stern. Testing metrics for password creation policies by attacking large sets of revealed passwords. In CCS, 2010.
    • (2010) CCS
    • Weir, M.1    Aggarwal, S.2    Collins, M.P.3    Stern, H.4
  • 65
  • 66
    • 60649094297 scopus 로고    scopus 로고
    • Omos: A framework for secure communication in mashup applications
    • S. Zarandioon, D. Yao, and V. Ganapathy. Omos: A framework for secure communication in mashup applications. In ACSAC, 2008.
    • (2008) ACSAC
    • Zarandioon, S.1    Yao, D.2    Ganapathy, V.3


* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.