|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
The science of guessing
If you have a question about this talk, please contact Microsoft Research Cambridge Talks Admins.
This event may be recorded and made available internally or externally via http://research.microsoft.com. Microsoft will own the copyright of any recordings made. If you do not wish to have your image/voice recorded please consider this before attending
Despite decades of efforts to improve authentication, the world still relies heavily on secrets chosen (and memorized) by humans: passwords, PINs, personal knowledge questions and the occasional graphical password scheme. While everybody think these are possible for attackers to guess, our understanding of just how difficult is vague. Are passwords or PINs harder and by how much? How can we accurately the difficulty of guessing passwords chosen by older users to those chosen by younger users, or those chosen by English speakers to those chosen by Spanish speakers? This talk will address these questions, presenting the speaker’s dissertation research and upcoming IEEE Security & Privacy Symposium publication. To do so, the talk will introduce the right statistical metrics for measuring guessing resistance, discuss how to collect large password datasets in a privacy-friendly and secure manner, and discuss some findings from analyzing 70 M passwords from Yahoo! users, perhaps the largest corpus ever studied.
This talk is part of the Microsoft Research Cambridge, public talks series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other lists8th International Prader-Willi Syndrome Organisation conference Sustainable Development Research Seminars Clark Lectures
Other talksThe 2015 Controlling Cancer Summit Contentious politics and public services in the European Union Misspecified Recovery A V HILL LECTURE - Title to be confirmed Cultured Birds? Social networks, personality and social learning in parids. Latent variable models: factor analysis and all that