With the continuous development of authentication approaches, password-based authentication is still the first choice for various online services today. The security of password-based authentication relies heavily on the strength of… Click to show full abstract
With the continuous development of authentication approaches, password-based authentication is still the first choice for various online services today. The security of password-based authentication relies heavily on the strength of the passwords created by users. Password enhancement is a general way to increase the difficulty of cracking a password. An ideal password enhancement strategy should take into account both the usability (mainly the memorability) and the security of passwords. However, it has been found that the higher the password strength, the lower the usability of the password, and vice versa. In order to balance the usability and the security of the password, we propose a password enhancement method based on semantic transformation, which can effectively analyze the semantic structure of a given password. This enhances the password's strength through one or more password semantic transformations to make the password better protected against guessing attacks. Finally, we use publicly available real-world password data sets leaked in previous security incidents to conduct experiments. Our password enhancement strategy significantly reduces the proportion of guesses by a classic password guessing attack, which demonstrates the effectiveness of the method.
               
Click one of the above tabs to view related content.