Research
Our research intesest mainly includes the password security. Here, we list some papers published by our team in the past.
- A Large-Scale Empirical Analysis of Chinese Web Passwords(2014 USENIX) paper
- Regional Patterns and Vulnerability Analysis of Chinese Web Passwords. (TIFS 2016) paper
- Shadow Attacks based on Password Reuses: A Quantitative Empirical View. (TDSC 2018) paper
- An Explainable Password Strength Meter Addon via Textual Pattern Recognition. (SCN 2019) paper
Currently, our research mainly focuses on the following four directions and lists some related papers here.
Long password security
- Can Long Passwords be Secure and Usable? (CHI 2014) paper
- Towards reliable storage of 56-bit secrets in human memory. (USENIX 2014) paper
- Effect of Grammar on Security of Long Passwords. (SOUPS 2014) paper
- Usability and Security of Text Passwords on Mobile Devices. paper
- Of Passwords and People:Measuring the Effect of Password-Composition Policies. (CHI 2011) paper
- Designing Password Policies for Strength and Usability. (TISSEC 2016) paper
Hybrid password guessing methods
- Measuring Real-World Accuracies and Biases in Modeling Password Guessability. (USENIX 2015) paper
- OMEN: Faster Password Guessing Using an Ordered Markov Enumerator. (ESSoS 2015) paper
- Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks. (USENIX 2016) paper
Semantic patterns in passwords
- On the Semantic Patterns of Passwords and their Security Impact. (NDSS 2014) paper
- A Study of Personal Information in Human-chosen Passwords and Its Security Implications. (Infocom 2016) paper
- On the null relationship between personality types and passwords. (PST 2019) paper
- Comparative Analysis of Three Language Spheres: Are Linguistic and Cultural Differences Reflected in Password Selection Habits? (European Workshop S&P 2019)