An Analysis on Vulnerabilities of Password Retrying
Recently, due to security concerns, most of the computing systems have employed authentication based access control mechanisms. Again, in general, a considerable number of such systems we use in our day-to-day life. Hence, we also have to memorize a considerably large number of passwords, which incu...
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
American Scientific Publisher
2018
|
| Subjects: | |
| Online Access: | http://umpir.ump.edu.my/id/eprint/19609/ http://umpir.ump.edu.my/id/eprint/19609/1/An%20Analysis%20on%20Vulnerabilities%20of%20Password%20Retrying.pdf |
| _version_ | 1848820920438751232 |
|---|---|
| author | Ranak, M. S. A. Noman Azad, Saiful Safwan Fathi, Mohammad Kamal Z., Zamli Rahman, Mohammed Mostafizur |
| author_facet | Ranak, M. S. A. Noman Azad, Saiful Safwan Fathi, Mohammad Kamal Z., Zamli Rahman, Mohammed Mostafizur |
| author_sort | Ranak, M. S. A. Noman |
| building | UMP Institutional Repository |
| collection | Online Access |
| description | Recently, due to security concerns, most of the computing systems have employed authentication based access control mechanisms. Again, in general, a considerable number of such systems we use in our day-to-day life. Hence, we also have to memorize a considerably large number of passwords, which incurs the issue of memorability. Mostly, a user retries password due to memorability problem. However, password retrying leads to several vulnerabilities. The main objective of this paper is to unveil these vulnerabilities with appropriate evidences. In this process, we discover and report an attack, named retry attack, which is discussed elaborately. An experiment has been performed and a survey has been conducted to examine the impact of such attack on 27 participants—where the experiment has been designed in such a way that it does not violate the ethical regulations of the university and preserves the secrecy of the participants’ passwords. The results evidently demonstrate the impact of such attack. At the end, some suggestions are noted that would assist a user to tackle this kind of attack. |
| first_indexed | 2025-11-15T02:17:07Z |
| format | Article |
| id | ump-19609 |
| institution | Universiti Malaysia Pahang |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T02:17:07Z |
| publishDate | 2018 |
| publisher | American Scientific Publisher |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | ump-196092020-02-28T01:21:34Z http://umpir.ump.edu.my/id/eprint/19609/ An Analysis on Vulnerabilities of Password Retrying Ranak, M. S. A. Noman Azad, Saiful Safwan Fathi, Mohammad Kamal Z., Zamli Rahman, Mohammed Mostafizur QA75 Electronic computers. Computer science Recently, due to security concerns, most of the computing systems have employed authentication based access control mechanisms. Again, in general, a considerable number of such systems we use in our day-to-day life. Hence, we also have to memorize a considerably large number of passwords, which incurs the issue of memorability. Mostly, a user retries password due to memorability problem. However, password retrying leads to several vulnerabilities. The main objective of this paper is to unveil these vulnerabilities with appropriate evidences. In this process, we discover and report an attack, named retry attack, which is discussed elaborately. An experiment has been performed and a survey has been conducted to examine the impact of such attack on 27 participants—where the experiment has been designed in such a way that it does not violate the ethical regulations of the university and preserves the secrecy of the participants’ passwords. The results evidently demonstrate the impact of such attack. At the end, some suggestions are noted that would assist a user to tackle this kind of attack. American Scientific Publisher 2018-11 Article PeerReviewed pdf en http://umpir.ump.edu.my/id/eprint/19609/1/An%20Analysis%20on%20Vulnerabilities%20of%20Password%20Retrying.pdf Ranak, M. S. A. Noman and Azad, Saiful and Safwan Fathi, Mohammad and Kamal Z., Zamli and Rahman, Mohammed Mostafizur (2018) An Analysis on Vulnerabilities of Password Retrying. Advanced Science Letters, 24 (10). pp. 7418-7422. ISSN 1936-6612. (Published) https://doi.org/10.1166/asl.2018.12951 DOI: 10.1166/asl.2018.12951 |
| spellingShingle | QA75 Electronic computers. Computer science Ranak, M. S. A. Noman Azad, Saiful Safwan Fathi, Mohammad Kamal Z., Zamli Rahman, Mohammed Mostafizur An Analysis on Vulnerabilities of Password Retrying |
| title | An Analysis on Vulnerabilities of Password Retrying |
| title_full | An Analysis on Vulnerabilities of Password Retrying |
| title_fullStr | An Analysis on Vulnerabilities of Password Retrying |
| title_full_unstemmed | An Analysis on Vulnerabilities of Password Retrying |
| title_short | An Analysis on Vulnerabilities of Password Retrying |
| title_sort | analysis on vulnerabilities of password retrying |
| topic | QA75 Electronic computers. Computer science |
| url | http://umpir.ump.edu.my/id/eprint/19609/ http://umpir.ump.edu.my/id/eprint/19609/ http://umpir.ump.edu.my/id/eprint/19609/ http://umpir.ump.edu.my/id/eprint/19609/1/An%20Analysis%20on%20Vulnerabilities%20of%20Password%20Retrying.pdf |