A Literature Survey on Making Password Cracking Detectable using Honeywords |
Author(s): |
Shekhar Pansare , JSPM's Rajarshi shahu college of engineering Thatawade pune; Monali Deshmukh, RSCOE; Kunal Kasar, RSCOE; Akshay Pandit, RSCOE; Tejas Dhage, RSCOE |
Keywords: |
Honeyword, Honeypot, Sweetword, Sugarword, Password, Authentication |
Abstract |
Honey word mechanism is used to detect an adversary who attempts to login with cracked passwords. We propose a simple method for improving the security of hashed passwords: the maintenance of additional "honeywords" (false passwords) associated with each user's account. An adversary who steals a file of hashed passwords and inverts the hash function cannot tell if he has found the password or a honeyword. The attempted use of a honeyword for login sets off an alarm. An auxiliary server (the "honeychecker") can distinguish the user password from honeywords for the login routine, and will set off an alarm if a honeyword is submitted. This paper does a survey on how the passwords are stored on the server. This paper also discusses the different password composition policies implemented by different systems. Finally, this paper discusses about various approaches to overcome the challenges in the current authentication systems. |
Other Details |
Paper ID: IJSRDV6I10451 Published in: Volume : 6, Issue : 1 Publication Date: 01/04/2018 Page(s): 690-692 |
Article Preview |
|
|