Analysis on the security and use of password managers

Carlos Luevanos, John Elizarraras, Khai Hirschi, Jyh Haw Yeh

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

15 Scopus citations

Abstract

Cybersecurity has become one of the largest growing fields in computer science and the technology industry. Faulty security has cost the global economy immense losses. Oftentimes, the pitfall in such financial loss is due to the security of passwords. Companies and regular people alike do not do enough to enforce strict password guidelines like the NIST (National Institute of Standard Technology) recommends. When big security breaches happen, thousands to millions of passwords can be exposed and stored into files, meaning people are susceptible to dictionary and rainbow table attacks. Those are only two examples of attacks that are used to crack passwords. In this paper, we will be going over three open-source password managers, each chosen for their own uniqueness. Our results will conclude on the overall security of each password manager using a list of established attacks and development of new potential attacks on such software. Additionally, we will compare our research with the limited research already conducted on password managers. Finally, we will provide some general guidelines of how to develop a better and more secure password manager.

Original languageEnglish
Title of host publicationProceedings - 18th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2017
EditorsShi-Jinn Horng
PublisherIEEE Computer Society
Pages17-24
Number of pages8
ISBN (Electronic)9781538631515
DOIs
StatePublished - 2 Jul 2017
Event18th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2017 - Taipei, Taiwan, Province of China
Duration: 18 Dec 201720 Dec 2017

Publication series

NameParallel and Distributed Computing, Applications and Technologies, PDCAT Proceedings
Volume2017-December

Conference

Conference18th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2017
Country/TerritoryTaiwan, Province of China
CityTaipei
Period18/12/1720/12/17

Keywords

  • Password authentication
  • Password managers

Fingerprint

Dive into the research topics of 'Analysis on the security and use of password managers'. Together they form a unique fingerprint.

Cite this