skip to main content
10.1145/3483816.3483820acmotherconferencesArticle/Chapter ViewAbstractPublication PagesicmecgConference Proceedingsconference-collections
research-article

Password Strength Assessment on a Laptop Device using an Online Password Recovery Tool — Cain & Abel

Published: 14 January 2022 Publication History

Abstract

Password cracking procedures are often done using password recovery tools, this has led to attackers using the same technique to obtain access to weak frameworks and infrastructures. The study conducted two trials of strength assessment for (1) weak password and (2) strong password using a Cain & Abel to show the potential risks of both passwords. Two procedures were used for the strength assessment: brute force and dictionary attacks. The findings of this study shows that passwords containing only uppercase and lowercase letters with numbers (3 to 8 characters) are easily exploited. The study concluded that using strong passwords prevent potential cybersecurity attacks because strong passwords require more resources, power, and time to hack.

References

[1]
Dupuis, M., Shorb, J., Walker, J., Holt, F. B., and McIntosh, M., Do You See What I See? The Use of Visual Passwords for Authentication, The 21st Annual Conference on Information Technology Education (SIGITE ’20), New York, NY, USA, October 7-9, 2020, pp. 1-2.
[2]
Mills, M., Cain and Abel: Program to Crack and Hack Passwords, Available: https://itigic.com/cain-and-abel-program-to-crack-and-hack-passwords/, September 2020.
[3]
Surjey, U., Pansari, S., Arya, Y., Katiyar, Y., and Bansal, N., Study and Analysis of Packet Sniffing Tool Cain and Abel – A Review, International Journal of Engineering Science & Research Technology, pp. 2, 2015.
[4]
Pilar, D. R., Jaeger, A., Gomes, C. F. A., and Stein, L. M., Passwords usage and human memory limitations: a survey across age and educational background. PLoS One, pp. 3–5, 2012.
[5]
Grobler, M., Gaire, R., and Nepal,S., User, Usage and Usability: Redefining Human Centric Cyber Security. Frontiers in Big Data. pp.4, 2021.
[6]
Yıldırım, M. and Mackie, I., Encouraging users to improve password security and memorability, International Journal of Information Security, pp. 3-5, 2019.
[7]
Shay, R., Komanduri, S., Kelley, P.G., Leon, P.G., Mazurek, M.L., Bauer, L., Christin, N., Cranor, L.F., Encountering stronger password requirements: User attitudes and behaviors, Proceedings of the Sixth Symposium on Usable Privacy and Security, pp. 1–20. ACM, New York, NY, USA, 2010.
[8]
Das, A., Bonneau, J., Caesar, M., Borisov, N., and Wang, X., The Tangled Web of Password Reuse, Network and Distributed System Security Symposium, pp 1-2, 2014.
[9]
Hautala, L., Password managers can be a pain but they're good for security, Available: https://www.cnet.com/news/password-managers-a-little-pain-for-a-lot-better-security-world-password-day/, September 2020.
[10]
Bošnjak, L., Sreš, J., and Brumen, B., Brute-force and dictionary attack on hashed real-world passwords,41st International Convention on Information and Communication Technology, pp. 1161-1166, 2018.
[11]
Clair L.S. (2006) Password Exhaustion: Predicting the End of Password Usefulness. In: Bagchi A., Atluri V. (eds) Information Systems Security. ICISS 2006. Lecture Notes in Computer Science, vol 4332. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11961635_3.
[12]
Kumar, B. P., and Reddy, E. S., An Efficient Security Model for Password Generation and Time Complexity Analysis for Cracking the Password, International Journal of Safety and Security Engineering, pp. 4-6, 2020.

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences
ICMECG '21: Proceedings of the 8th International Conference on Management of e-Commerce and e-Government
July 2021
122 pages
ISBN:9781450390545
DOI:10.1145/3483816
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 January 2022

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. Brute Force
  2. Cain & Abel
  3. Dictionary Attack
  4. Password Recovery Tool
  5. and Password Cracking

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

ICMECG 2021

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • 0
    Total Citations
  • 123
    Total Downloads
  • Downloads (Last 12 months)19
  • Downloads (Last 6 weeks)1
Reflects downloads up to 17 Feb 2025

Other Metrics

Citations

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format.

HTML Format

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media