|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
The science of guessing
If you have a question about this talk, please contact Microsoft Research Cambridge Talks Admins.
This event may be recorded and made available internally or externally via http://research.microsoft.com. Microsoft will own the copyright of any recordings made. If you do not wish to have your image/voice recorded please consider this before attending
Despite decades of efforts to improve authentication, the world still relies heavily on secrets chosen (and memorized) by humans: passwords, PINs, personal knowledge questions and the occasional graphical password scheme. While everybody think these are possible for attackers to guess, our understanding of just how difficult is vague. Are passwords or PINs harder and by how much? How can we accurately the difficulty of guessing passwords chosen by older users to those chosen by younger users, or those chosen by English speakers to those chosen by Spanish speakers? This talk will address these questions, presenting the speaker’s dissertation research and upcoming IEEE Security & Privacy Symposium publication. To do so, the talk will introduce the right statistical metrics for measuring guessing resistance, discuss how to collect large password datasets in a privacy-friendly and secure manner, and discuss some findings from analyzing 70 M passwords from Yahoo! users, perhaps the largest corpus ever studied.
This talk is part of the Microsoft Research Cambridge, public talks series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other listsWednesday Lunch Time Seminar Series Irregular seminars in TCM Babraham Institute - Public Engagement Events
Other talksRelativistic Collisions and Reflections Elevator Pitch Practice session Interventionist causation and the placement problem Modernism and Masculinity: Art and Politics in Fascist Italy In Search of the Erhu Melody Power analysis