{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,10]],"date-time":"2025-12-10T09:05:08Z","timestamp":1765357508626,"version":"3.40.3"},"publisher-location":"Cham","reference-count":26,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031514784"},{"type":"electronic","value":"9783031514791"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-51479-1_8","type":"book-chapter","created":{"date-parts":[[2024,1,11]],"date-time":"2024-01-11T07:02:33Z","timestamp":1704956553000},"page":"141-161","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["You Reset I Attack! A\u00a0Master Password Guessing Attack Against Honey Password Vaults"],"prefix":"10.1007","author":[{"given":"Tingting","family":"Rao","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yixin","family":"Su","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Peng","family":"Xu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yubo","family":"Zheng","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wei","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hai","family":"Jin","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,1,12]]},"reference":[{"key":"8_CR1","unstructured":"1password: 1password security design. https:\/\/1passwordstatic.com\/files\/security\/1password-white-paper.pdf"},{"key":"8_CR2","unstructured":"Bohuk, M.S., Islam, M., Ahmad, S., Swift, M., Ristenpart, T., Chatterjee, R.: Gossamer: securely measuring password-based logins. In: USENIX Security 2022, pp. 1867\u20131884 (2022)"},{"key":"8_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"286","DOI":"10.1007\/978-3-642-15497-3_18","volume-title":"Computer Security \u2013 ESORICS 2010","author":"H Bojinov","year":"2010","unstructured":"Bojinov, H., Bursztein, E., Boyen, X., Boneh, D.: Kamouflage: loss-resistant password management. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 286\u2013302. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-15497-3_18"},{"key":"8_CR4","doi-asserted-by":"crossref","unstructured":"Chatterjee, R., Bonneau, J., Juels, A., Ristenpart, T.: Cracking-resistant password vaults using natural language encoders. In: IEEE S&P 2015, pp. 481\u2013498 (2015)","DOI":"10.1109\/SP.2015.36"},{"key":"8_CR5","unstructured":"Cheng, H., Li, W., Wang, P., Chu, C.H., Liang, K.: Incrementally updateable honey password vaults. In: USENIX Security 2021, pp. 857\u2013874 (2021)"},{"key":"8_CR6","unstructured":"Cheng, H., Zheng, Z., Li, W., Wang, P., Chu, C.H.: Probability model transforming encoders against encoding attacks. In: USENIX Security 2019, pp. 1573\u20131590 (2019)"},{"key":"8_CR7","unstructured":"Enpass: Enpass security whitepaper. https:\/\/support.enpass.io\/docs\/security-whitepaper-enpass\/index.html"},{"key":"8_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"770","DOI":"10.1007\/978-3-642-33167-1_44","volume-title":"Computer Security \u2013 ESORICS 2012","author":"P Gasti","year":"2012","unstructured":"Gasti, P., Rasmussen, K.B.: On the security of password manager database formats. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 770\u2013787. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-33167-1_44"},{"key":"8_CR9","doi-asserted-by":"crossref","unstructured":"Gelernter, N., Kalma, S., Magnezi, B., Porcilan, H.: The password reset MitM attack. In: IEEE S&P 2017, pp. 251\u2013267 (2017)","DOI":"10.1109\/SP.2017.9"},{"key":"8_CR10","doi-asserted-by":"crossref","unstructured":"Golla, M., Beuscher, B., D\u00fcrmuth, M.: On the security of cracking-resistant password vaults. In: ACM CCS 2016, pp. 1230\u20131241 (2016)","DOI":"10.1145\/2976749.2978416"},{"key":"8_CR11","doi-asserted-by":"crossref","unstructured":"Golla, M., D\u00fcrmuth, M.: On the accuracy of password strength meters. In: ACM CCS 2018, pp. 1567\u20131582 (2018)","DOI":"10.1145\/3243734.3243769"},{"key":"8_CR12","unstructured":"Google: Google chrome privacy whitepaper. https:\/\/www.google.com\/chrome\/privacy\/whitepaper.html"},{"key":"8_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"758","DOI":"10.1007\/978-3-662-49890-3_29","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2016","author":"J Jaeger","year":"2016","unstructured":"Jaeger, J., Ristenpart, T., Tang, Q.: Honey encryption beyond message recovery security. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 758\u2013788. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49890-3_29"},{"key":"8_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"293","DOI":"10.1007\/978-3-642-55220-5_17","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2014","author":"A Juels","year":"2014","unstructured":"Juels, A., Ristenpart, T.: Honey encryption: security beyond the Brute-Force bound. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 293\u2013310. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-642-55220-5_17"},{"key":"8_CR15","doi-asserted-by":"crossref","unstructured":"Juels, A., Rivest, R.L.: Honeywords: making password-cracking detectable. In: ACM CCS 2013, pp. 145\u2013160 (2013)","DOI":"10.1145\/2508859.2516671"},{"key":"8_CR16","unstructured":"Kingma, D.P., Ba, J.: Adam: a method for stochastic optimization. arXiv preprint arXiv:1412.6980 (2014)"},{"key":"8_CR17","unstructured":"Lastpass: Lastpass technical whitepaper. https:\/\/support.lastpass.com\/help\/lastpass-technical-whitepaper"},{"key":"8_CR18","unstructured":"Lastpass: Master password policy. https:\/\/support.lastpass.com\/help\/what-is-the-lastpass-master-password-lp070014"},{"key":"8_CR19","unstructured":"Mayer, P., Munyendo, C.W., Mazurek, M.L., Aviv, A.J.: Why users (don\u2019t) use password managers at a large educational institution. In: USENIX Security 2022, pp. 1849\u20131866 (2022)"},{"key":"8_CR20","doi-asserted-by":"crossref","unstructured":"Pal, B., Daniel, T., Chatterjee, R., Ristenpart, T.: Beyond credential stuffing: Password similarity models using neural networks. In: IEEE S&P 2019, pp. 417\u2013434 (2019)","DOI":"10.1109\/SP.2019.00056"},{"key":"8_CR21","doi-asserted-by":"crossref","unstructured":"Ray, H., Wolf, F., Kuber, R., Aviv, A.J.: Why older adults (don\u2019t) use password managers. In: USENIX Security 2021, pp. 73\u201390 (2021)","DOI":"10.2478\/popets-2021-0016"},{"key":"8_CR22","unstructured":"Ur, B., et al.: How does your password measure up? The effect of strength meters on password creation. In: USENIX Security 2012, pp. 65\u201380 (2012)"},{"key":"8_CR23","doi-asserted-by":"crossref","unstructured":"Wang, D., Zhang, Z., Wang, P., Yan, J., Huang, X.: Targeted online password guessing: an underestimated threat. In: ACM CCS 2016, pp. 1242\u20131254 (2016)","DOI":"10.1145\/2976749.2978339"},{"key":"8_CR24","doi-asserted-by":"crossref","unstructured":"Wang, D., Zou, Y., Dong, Q., Song, Y., Huang, X.: How to attack and generate honeywords. In: IEEE S&P 2022, pp. 489\u2013506 (2022)","DOI":"10.1109\/SP46214.2022.9833598"},{"key":"8_CR25","doi-asserted-by":"crossref","unstructured":"Weir, M., Aggarwal, S., De Medeiros, B., Glodek, B.: Password cracking using probabilistic context-free grammars. In: IEEE S&P 2009, pp. 391\u2013405 (2009)","DOI":"10.1109\/SP.2009.8"},{"issue":"6","key":"8_CR26","doi-asserted-by":"publisher","first-page":"1091","DOI":"10.1109\/TPAMI.2007.1078","volume":"29","author":"L Yujian","year":"2007","unstructured":"Yujian, L., Bo, L.: A normalized Levenshtein distance metric. IEEE Trans. Pattern Anal. Mach. Intell. 29(6), 1091\u20131095 (2007)","journal-title":"IEEE Trans. Pattern Anal. Mach. Intell."}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2023"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-51479-1_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,11]],"date-time":"2024-01-11T07:06:02Z","timestamp":1704956762000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-51479-1_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031514784","9783031514791"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-51479-1_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"12 January 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"The Hague","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"The Netherlands","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 September 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 September 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2023.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"478","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"93","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"19% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3-4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"10","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}