How Do We Create a Fantabulous Password?

Simon S. Woo

doi:10.1145/3366423.3380222

How Do We Create a Fantabulous Password?

Simon S. Woo

Department of Computer Science and Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

4 Scopus citations

Abstract

Although pronounceability can improve password memorability, most existing password generation approaches have not properly integrated the pronounceability of passwords in their designs. In this work, we demonstrate several shortfalls of current pronounceable password generation approaches, and then propose, ProSemPass, a new method of generating passwords that are pronounceable and semantically meaningful. In our approach, users supply initial input words and our system improves the pronounceability and meaning of the user-provided words by automatically creating a portmanteau. To measure the strength of our approach, we use attacker models, where attackers have complete knowledge of our password generation algorithms. We measure strength in guess numbers and compare those with other existing password generation approaches. Using a large-scale IRB-approved user study with 1,563 Amazon MTurkers over 9 different conditions, our approach achieves a 30% higher recall than those from current pronounceable password approaches, and is stronger than the offline guessing attack limit.

Original language	English
Title of host publication	The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020
Publisher	Association for Computing Machinery, Inc
Pages	1491-1501
Number of pages	11
ISBN (Electronic)	9781450370233
DOIs	https://doi.org/10.1145/3366423.3380222
State	Published - 20 Apr 2020
Event	29th International World Wide Web Conference, WWW 2020 - Taipei, Taiwan, Province of China Duration: 20 Apr 2020 → 24 Apr 2020

Publication series

Name	The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020

Conference

Conference	29th International World Wide Web Conference, WWW 2020
Country/Territory	Taiwan, Province of China
City	Taipei
Period	20/04/20 → 24/04/20

Keywords

Password
Pronounceable Password
Semantic Password

Access to Document

10.1145/3366423.3380222

Cite this

@inproceedings{8a7e1c29f8ec4e6c957ba875ef26da07,

title = "How Do We Create a Fantabulous Password?",

abstract = "Although pronounceability can improve password memorability, most existing password generation approaches have not properly integrated the pronounceability of passwords in their designs. In this work, we demonstrate several shortfalls of current pronounceable password generation approaches, and then propose, ProSemPass, a new method of generating passwords that are pronounceable and semantically meaningful. In our approach, users supply initial input words and our system improves the pronounceability and meaning of the user-provided words by automatically creating a portmanteau. To measure the strength of our approach, we use attacker models, where attackers have complete knowledge of our password generation algorithms. We measure strength in guess numbers and compare those with other existing password generation approaches. Using a large-scale IRB-approved user study with 1,563 Amazon MTurkers over 9 different conditions, our approach achieves a 30\% higher recall than those from current pronounceable password approaches, and is stronger than the offline guessing attack limit.",

keywords = "Password, Pronounceable Password, Semantic Password",

author = "Woo, \{Simon S.\}",

note = "Publisher Copyright: {\textcopyright} 2020 ACM.; 29th International World Wide Web Conference, WWW 2020 ; Conference date: 20-04-2020 Through 24-04-2020",

year = "2020",

month = apr,

day = "20",

doi = "10.1145/3366423.3380222",

language = "English",

series = "The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020",

publisher = "Association for Computing Machinery, Inc",

pages = "1491--1501",

booktitle = "The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020",

}

Woo, SS 2020, How Do We Create a Fantabulous Password? in The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020. The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020, Association for Computing Machinery, Inc, pp. 1491-1501, 29th International World Wide Web Conference, WWW 2020, Taipei, Taiwan, Province of China, 20/04/20. https://doi.org/10.1145/3366423.3380222

How Do We Create a Fantabulous Password? / Woo, Simon S.
The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020. Association for Computing Machinery, Inc, 2020. p. 1491-1501 (The Web Conference 2020 - Proceedings of the World Wide Web Conference, WWW 2020).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review