Password Cracking and Countermeasures in Computer Security: A Survey

With the rapid development of internet technologies, social networks, and other related areas, user authentication becomes more and more important to protect the data of the users. Password authentication is one of the widely used methods to achieve authentication for legal users and defense against intruders. There have been many password cracking methods developed during the past years, and people have been designing the countermeasures against password cracking all the time. However, we find that the survey work on the password cracking research has not been done very much. This paper is mainly to give a brief review of the password cracking methods, import technologies of password cracking, and the countermeasures against password cracking that are usually designed at two stages including the password design stage (e.g. user education, dynamic password, use of tokens, computer generations) and after the design (e.g. reactive password checking, proactive password checking, password encryption, access control). The main objective of this work is offering the abecedarian IT security professionals and the common audiences with some knowledge about the computer security and password cracking, and promoting the development of this area.Comment: add copyright to the tables to the original authors, add acknowledgement to helpe

Users are not the enemy

Many system security departments treat users as a security risk to be controlled. The general consensus is that most users are careless and unmotivated when it comes to system security. In a recent study, we found that users may indeed compromise computer security mechanisms, such as password authentication, both knowing and unknowingly. A closer analysis, however, revealed that such behavior is often caused by the way in which security mechanisms are implemented, and users ’ lack of knowledge. We argue that to change this state of affairs, security departments need to communicate more with users, and adopt a user-centered design approach

Simple Nudges for Better Password Creation

Recent security breaches have highlighted the consequences of reusing passwords across online accounts. Recent guidance on password policies by the UK government recommend an emphasis on password length over an extended character set for generating secure but memorable passwords without cognitive overload. This paper explores the role of three nudges in creating website-specific passwords: financial incentive (present vs absent), length instruction (long password vs no instruction) and stimulus (picture present vs not present). Mechanical Turk workers were asked to create a password in one of these conditions and the resulting passwords were evaluated based on character length, resistance to automated guessing attacks, and time taken to create the password. We found that users created longer passwords when asked to do so or when given a financial incentive and these longer passwords were harder to guess than passwords created with no instruction. Using a picture nudge to support password creation did not lead to passwords that were either longer or more resistant to attacks but did lead to account-specific passwords

Password Policy Effects on Entropy and Recall: Research in Progress

Passwords are commonly used for authentication. System architects generally put in place password policies that define the required length of a password, the complexity requirements of the password, and the expiration (if ever) of the password. Password policies are designed with the intent of helping users choose secure passwords, and in the case of password expiration, limit the potential damage of a compromised password. However, password policies can have unintended consequences that could potentially undermine their security aims. Based on the theory of cognitive load, it is hypothesized that password policy elements increase extraneous load, which can result in high entropy passwords, but to the detriment of recall. It is further hypothesized that certain password policy elements can still help increase entropy, while minimizing the negative impact on recall. An experiment to test the hypotheses and determine both a secure and user friendly password policy is put forward

CHARACTER EDUCATION THROUGH DIGITAL TECHNOLOGY IN THE CLASSROOM (ANALYSIS OF A FILM: FREEDOM WRITER BY RICHARD LAGRAVENESE, STARRED BY HILLARY SWANK)

The potential value and uses of films in the classroom are undisputable. The practicality of films in classroom teaching character has been demonstrated to be influential to the teaching activities. A movie has a strong effect on students’ mind and senses. Videos are instructional tools for students’ character. Digital technology based on films in classroom increases the attention of students, creates memorable visual images, and fosters deeper learning. Character education and development is significantly facilitated by the films in the classrooms. Films are educative when carefully and purposively selected for teaching character. Moral, performance, and civic characters like respect, caring, love, and effort, fighting against racism, gender equality, community work involvement, and patriotism are fruitfully learnt through films watching in the classroom. This provides to teachers the opportunity to use films in classrooms for character education and development.  Article visualizations

Enhancing student learning with case-based learning objects in a problem-based learning context: the views of social work students in Scotland and Canada

This paper summarizes the results of an evaluation of students' perspectives comparing learning from a multimedia case-based learning object with learning from text-based case studies. A secondary goal of the study was to test the reusability of the learning object in different instructional contexts. The learning object was deployed in the context of a problem-based learning approach to teaching social work students in three different courses in two different countries: Scotland (N=39) and Canada (N=57). Students completed a structured survey form including a series of statements using a five point Likert scale to quantify their views of the different case types (text-based and multimedia). Results indicate strong support for the use of multimedia case scenarios in social work education. Students felt their learning was enhanced using multimedia case studies compared to text-based case studies. A number of benefits, disadvantages and recommendations were identified that will help guide the future development, (re)use, and exchange of digitized learning resources in social work education