{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,2]],"date-time":"2025-08-02T18:18:37Z","timestamp":1754158717772,"version":"3.41.2"},"reference-count":33,"publisher":"Emerald","issue":"3","license":[{"start":{"date-parts":[[2020,1,2]],"date-time":"2020-01-02T00:00:00Z","timestamp":1577923200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["ICS"],"published-print":{"date-parts":[[2020,1,2]]},"abstract":"<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Purpose<\/jats:title>\n<jats:p>Using passwords to keep account and data safe is very common in modern computing. The purpose of this paper is to look into methods for cracking passwords as a means of increasing security, a practice commonly used in penetration testing. Further, in the discipline of digital forensics, password cracking is often an essential part of a computer examination as data has to be decrypted to be analyzed. This paper seeks to look into how users that actively encrypt data construct their passwords to benefit the forensics community.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Design\/methodology\/approach<\/jats:title>\n<jats:p>The study began with an automated analysis of over one billion passwords in 22 different password databases that leaked to the internet. The study validated the result with an experiment were passwords created on a local website was analyzed during account creation. Further a survey was used to gather data that was used to identify differences in password behavior between user that actively encrypt their data and other users.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Findings<\/jats:title>\n<jats:p>The result of this study suggests that American lowercase letters and numbers are present in almost every password and that users seem to avoid using special characters if they can. Further, the study suggests that users that actively encrypt their data are more prone to use keyboard patterns as passwords than other users.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Originality\/value<\/jats:title>\n<jats:p>This paper contributes to the existing body of knowledge around password behavior and suggests that password-guessing attacks should focus on American letters and numbers. Further, the paper suggests that forensics experts should consider testing patterns-based passwords when performing password-guessing attacks against encrypted data.<\/jats:p>\n<\/jats:sec>","DOI":"10.1108\/ics-11-2019-0132","type":"journal-article","created":{"date-parts":[[2020,1,20]],"date-time":"2020-01-20T09:45:22Z","timestamp":1579513522000},"page":"347-358","source":"Crossref","is-referenced-by-count":4,"title":["Analyzing the usage of character groups and keyboard patterns in password creation"],"prefix":"10.1108","volume":"28","author":[{"given":"Joakim","family":"K\u00e4vrestad","sequence":"first","affiliation":[]},{"given":"Johan","family":"Zaxmy","sequence":"additional","affiliation":[]},{"given":"Marcus","family":"Nohlberg","sequence":"additional","affiliation":[]}],"member":"140","reference":[{"key":"key2020071513123457400_ref001","doi-asserted-by":"crossref","first-page":"44","DOI":"10.1016\/j.ijhcs.2019.01.004","article-title":"Security analysis of game changer password system","volume":"126","year":"2019","journal-title":"International Journal of Human-Computer Studies"},{"issue":"1","key":"key2020071513123457400_ref002","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1177\/1745691610393980","article-title":"Amazon's mechanical turk: a new source of inexpensive, yet high-quality, data?","volume":"6","year":"2011","journal-title":"Perspectives on Psychological Science : a Journal of the Association for Psychological Science"},{"volume-title":"1.4 Billion Clear Text Credentials Discovered in a Single Database","year":"2017","key":"key2020071513123457400_ref003"},{"issue":"1","key":"key2020071513123457400_ref004","first-page":"387","article-title":"Password cracking based on special keyboard patterns","volume":"8","year":"2012","journal-title":"International Journal of Innovative Computing, Information and Control"},{"key":"key2020071513123457400_ref005","doi-asserted-by":"crossref","unstructured":"Das, S., Dingman, A. and Camp, L.J. (2018), \u201cWhy Johnny doesn\u2019t use two factor a two-phase usability study of the fido u2f security key\u201d, Paper presented at the Proceedings of the International Conference on Financial Cryptography and Data Security.","DOI":"10.1007\/978-3-662-58387-6_9"},{"key":"key2020071513123457400_ref025","doi-asserted-by":"crossref","unstructured":"Denis, M., Zena, C. and Hayajneh, T. (2016), \u201cPenetration testing: concepts, attack methods, and defense strategies\u201d, Paper presented at the Systems, Applications and Technology Conference (LISAT) IEEE, Long Island.","DOI":"10.1109\/LISAT.2016.7494156"},{"issue":"2","key":"key2020071513123457400_ref006","first-page":"28","article-title":"How to identify information bias due to self-reporting in epidemiological research","volume":"7","year":"2009","journal-title":"The Internet Journal of Epidemiology"},{"key":"key2020071513123457400_ref026","doi-asserted-by":"crossref","first-page":"63","DOI":"10.1109\/MDAT.2018.2862366","article-title":"Advances in forensic data acquisition","volume":"35","year":"2018","journal-title":"IEEE Design & Test"},{"volume-title":"NIST Special Publication 800-63b: Digital Identity Guidelines","year":"2017","key":"key2020071513123457400_ref007"},{"key":"key2020071513123457400_ref008","unstructured":"haveibeenpawned.com (2018), \u201cExploit.In\u201d, available at: https:\/\/haveibeenpwned.com\/"},{"volume-title":"PassGAN: A Deep Learning Approach for Password Guessing","year":"2019","key":"key2020071513123457400_ref009"},{"key":"key2020071513123457400_ref010","unstructured":"Hunt, T. (2017), \u201cPassword reuse, credential stuffing and another billion records in have I been pwned\u201d, available at: www.troyhunt.com\/password-reuse-credential-stuffing-and-another-1-billion-records-in-have-i-been-pwned\/"},{"key":"key2020071513123457400_ref027","first-page":"885","article-title":"Taxonomy of challenges for digital forensics","volume-title":"Journal of forensic sciences","year":"2015"},{"key":"key2020071513123457400_ref011","unstructured":"K\u00e4vrestad, J., Zaxmy, J. and Nohlberg, M. (2019), \u201cAnalysing the usage of character groups and keyboard patterns in password usage\u201d, Paper presented at the Human Aspects of Information Security and Assurance (HAISA 2019) International Symposium on Human Aspects of Information Security and Assurance (HAISA 2019), July 15-17, 2019, Nicosia, Cyprus."},{"issue":"1","key":"key2020071513123457400_ref012","doi-asserted-by":"crossref","first-page":"141","DOI":"10.1080\/00913367.2016.1269304","article-title":"An analysis of data quality: professional panels, student subject pools, and amazon's mechanical turk","volume":"46","year":"2017","journal-title":"Journal of Advertising"},{"volume-title":"Naturalistic Inquiry","year":"1985","key":"key2020071513123457400_ref013"},{"issue":"3","key":"key2020071513123457400_ref014","first-page":"69","article-title":"A guide to appropriate use of correlation coefficient in medical research","volume":"24","year":"2012","journal-title":"Malawi Medical Journal : The Journal of Medical Association of Malawi"},{"key":"key2020071513123457400_ref028","doi-asserted-by":"crossref","unstructured":"Nielsen, G., Vedel, M. and Jensen, C.D. (2014), \u201cImproving usability of passphrase authentication\u201d, Paper presented at theTwelfth Annual International Conference on Privacy, Security and Trust.","DOI":"10.1109\/PST.2014.6890939"},{"key":"key2020071513123457400_ref029","doi-asserted-by":"crossref","unstructured":"Parker, F., Ophoff, J., Van Belle, J.-P. and Karia, R. (2015), \u201cSecurity awareness and adoption of security controls by smartphone users\u201d, Paper presented at the Second International Conference on Information Security and Cyber Forensics (InfoSec), IEEE.","DOI":"10.1109\/InfoSec.2015.7435513"},{"key":"key2020071513123457400_ref015","doi-asserted-by":"crossref","unstructured":"Rao, A., Jha, B. and Kini, G. (2013), \u201cEffect of grammar on security of long passwords\u201d, Paper presented at the Proceedings of the third ACM conference on Data and application security and privacy, ACM, New York, NY.","DOI":"10.1145\/2435349.2435395"},{"key":"key2020071513123457400_ref030","unstructured":"Ruoti, S., Andersen, J. and Seamons, K. (2016), \u201cStrengthening password-based authentication\u201d, Paper presented at the Twelfth Symposium on Usable Privacy and Security (SOUPS)."},{"key":"key2020071513123457400_ref016","doi-asserted-by":"crossref","unstructured":"Schrittwieser, S., Mulazzani, M. and Weippl, E. (2013), \u201cEthics in security research which lines should not be crossed?\u201d, Paper presented at the Security and Privacy Workshops (SPW), IEEE, Piscataway, NJ.","DOI":"10.1109\/spw.2013.6914700"},{"key":"key2020071513123457400_ref017","unstructured":"Stobert, E. and Biddle, R. (2014), \u201cThe password life cycle: user behaviour in managing passwords\u201d, Paper presented at the Proc. SOUPS."},{"key":"key2020071513123457400_ref031","doi-asserted-by":"crossref","first-page":"1656","DOI":"10.1109\/TIFS.2015.2422259","article-title":"Cracking more password hashes with patterns","volume":"10","year":"2015","journal-title":"IEEE Transactions on Information Forensics and Security"},{"key":"key2020071513123457400_ref018","unstructured":"unicode.org (2018), \u201cUnicode 11.0 character code charts\u201d, available at: http:\/\/unicode.org\/charts\/"},{"key":"key2020071513123457400_ref019","unstructured":"Ur, B., Noma, F., Bees, J. and Shay, R. (2015), \u201c\u201cI added'!'at the end to make it secure\u201d: observing password creation in the lab\u201d, Paper presented at the SOUPS."},{"key":"key2020071513123457400_ref020","doi-asserted-by":"crossref","unstructured":"Ur, B., Bees, J., Segreti, S.M., Bauer, L., Christin, N. and Cranor, L.F. (2016), \u201cDo users' perceptions of password security match reality?\u201d, Paper presented at the Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems, ACM, New York, NY.","DOI":"10.1145\/2858036.2858546"},{"key":"key2020071513123457400_ref032","doi-asserted-by":"crossref","first-page":"183","DOI":"10.1080\/15614263.2015.1128163","article-title":"Challenges in digital forensics","volume":"17","year":"2016","journal-title":"Police Practice and Research"},{"key":"key2020071513123457400_ref021","doi-asserted-by":"crossref","unstructured":"Wang, Y., Rawal, B., Duan, Q. and Zhang, P. (2017), 3-4 Feb. 2017). \u201cUsability and security go together: a case study on database\u201d, Paper presented at the 2017 Second International Conference on Recent Trends and Challenges in Computational Models (ICRTCCM), IEEE, Piscataway, NJ.","DOI":"10.1109\/ICRTCCM.2017.86"},{"key":"key2020071513123457400_ref033","unstructured":"Weir, C.M. (2010), \u201cUsing probabilistic techniques to aid in password cracking attacks\u201d, Doctoral Dissertation, Florida State University."},{"key":"key2020071513123457400_ref022","unstructured":"Wheeler, D.L. (2016), \u201cZxcvbn: low-budget password strength estimation\u201d, Paper presented at the USENIX Security Symposium."},{"key":"key2020071513123457400_ref023","unstructured":"Whitten, A. and Tygar, J.D. (1999), \u201cWhy Johnny can't encrypt: a usability evaluation of PGP 5.0\u201d, Paper presented at the USENIX Security Symposium."},{"key":"key2020071513123457400_ref024","doi-asserted-by":"crossref","first-page":"36","DOI":"10.1016\/j.ijhcs.2017.11.002","article-title":"Too many passwords? How understanding our memory can increase password memorability","volume":"111","year":"2018","journal-title":"International Journal of Human-Computer Studies"}],"container-title":["Information &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-11-2019-0132\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-11-2019-0132\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T01:23:19Z","timestamp":1753406599000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/28\/3\/347-358\/199237"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,1,2]]},"references-count":33,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2020,1,2]]}},"alternative-id":["10.1108\/ICS-11-2019-0132"],"URL":"https:\/\/doi.org\/10.1108\/ics-11-2019-0132","relation":{},"ISSN":["2056-4961","2056-4961"],"issn-type":[{"type":"print","value":"2056-4961"},{"type":"print","value":"2056-4961"}],"subject":[],"published":{"date-parts":[[2020,1,2]]}}}