Generation of Secure and Reliable Honeywords To Enhance Password Security
Abstract
Password cracking and breaching of data has become a very common phenomenon in the software market industry. Such breaches might end up in potential data loss which might lead to a multimillion-dollar infrastructure failure, loss in data or even worse data-theft. Very often such breaches go undetected for months and years before anyone actually finds the hole. Most of the times small companies who are involved are not even aware of the breaches. However, Jules et al. (in the ACM-CCS 2013) proposed a technique[1] called ‘Honeywords technique’, for finding breaches in password database. The basic facts, very simple create numerous fake passwords called honeywords and accumulate them along with the real one called the sugerword. Anyone trying to login with the honeywords is seen as a threat and is recognized as a intercession of the database to the passwords. The major parts of the entire idea are divided into 3 parts, creation of honeywords, typo-safety measures for prevention of untrue alarms and testing the system for various attacks so that it stands robust.
In the given paper we have worked and analyzed the flaws and limitation of the existing honeyword techniques, and proposed a new attack model which not only brings more flatness to the system but also gives an efficient and decent output
Keywords: Passwords, Honeywords, Password breaches, Authentication, Security