Toggle Main Menu Toggle Search

Open Access padlockePrints

Determining User Passwords From Partial Information

Lookup NU author(s): Dr Dylan Clarke, Ehsan Toreini, Professor Feng Hao



Memorable words have become a common technique in online banking security as a second authentication factor that is partially resistant to observation by adversaries. We formally model this technique and analyze the expected number of observations until the memorable word is known, for a range of common word lengths. We also calculate the probability of an adversary successfully passing authentication with knowledge of some but not all characters from the memorable word.

Publication metadata

Author(s): Clarke D, Toreini E, Hao F

Publication type: Report

Publication status: Published

Series Title: School of Computing Science Technical Report Series

Year: 2015

Pages: 10

Print publication date: 01/04/2015

Report Number: 1461

Institution: School of Computing Science, University of Newcastle upon Tyne

Place Published: Newcastle upon Tyne