{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T17:57:47Z","timestamp":1772042267018,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":44,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,3,13]],"date-time":"2018-03-13T00:00:00Z","timestamp":1520899200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"NSF","doi-asserted-by":"publisher","award":["CNS-1717028"],"award-info":[{"award-number":["CNS-1717028"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,3,13]]},"DOI":"10.1145\/3176258.3176332","type":"proceedings-article","created":{"date-parts":[[2018,3,15]],"date-time":"2018-03-15T13:22:14Z","timestamp":1521120134000},"page":"196-203","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":41,"title":["The Next Domino to Fall"],"prefix":"10.1145","author":[{"given":"Chun","family":"Wang","sequence":"first","affiliation":[{"name":"Virginia Tech, Blacksburg, VA, USA"}]},{"given":"Steve T.K.","family":"Jan","sequence":"additional","affiliation":[{"name":"Virginia Tech, Blacksburg, VA, USA"}]},{"given":"Hang","family":"Hu","sequence":"additional","affiliation":[{"name":"Virginia Tech, Blacksburg, VA, USA"}]},{"given":"Douglas","family":"Bossart","sequence":"additional","affiliation":[{"name":"Virginia Tech, Blacksburg, VA, USA"}]},{"given":"Gang","family":"Wang","sequence":"additional","affiliation":[{"name":"Virginia Tech, Blacksburg, VA, USA"}]}],"member":"320","published-online":{"date-parts":[[2018,3,13]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Abusewith. 2017. Abusewith. http:\/\/abusewith.us\/. (2017).  Abusewith. 2017. Abusewith. http:\/\/abusewith.us\/. (2017)."},{"key":"e_1_3_2_1_2_1","unstructured":"Breach Alarm. 2017. Breach Alarm. https:\/\/breachalarm.com\/all-sources\/. (2017).  Breach Alarm. 2017. Breach Alarm. https:\/\/breachalarm.com\/all-sources\/. (2017)."},{"key":"e_1_3_2_1_3_1","volume-title":"Natural Language Processing with Python","author":"Bird Steven","unstructured":"Steven Bird , Ewan Klein , and Edward Loper . 2009. Natural Language Processing with Python ( 1 st ed.). O'Reilly Media, Inc. Steven Bird, Ewan Klein, and Edward Loper. 2009. Natural Language Processing with Python (1st ed.). O'Reilly Media, Inc.","edition":"1"},{"key":"e_1_3_2_1_4_1","unstructured":"Kate Conger. 2016. Dropbox employee's password reuse led to theft of 60M user credentials. TechCrunch. (2016)  Kate Conger. 2016. Dropbox employee's password reuse led to theft of 60M user credentials. TechCrunch. (2016)"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23357"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1242572.1242661"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2435349.2435373"},{"key":"e_1_3_2_1_8_1","unstructured":"HIBP. 2017. Have I Been Pwned. https:\/\/haveibeenpwned.com\/. (2017).  HIBP. 2017. Have I Been Pwned. https:\/\/haveibeenpwned.com\/. (2017)."},{"key":"e_1_3_2_1_9_1","volume-title":"2015 a. Zero-Sum Password Cracking Game: A Large-Scale Empirical Study on the Crackability, Correlation, and Security of Passwords","author":"Ji Shouling","year":"2015","unstructured":"Shouling Ji , Shukun Yang , Xin Hu , Weili Han , Zhigong Li , and Beyah. 2015 a. Zero-Sum Password Cracking Game: A Large-Scale Empirical Study on the Crackability, Correlation, and Security of Passwords . IEEE TDSC Vol. PP , 99 ( 2015 ), 1-1. Shouling Ji, Shukun Yang, Xin Hu, Weili Han, Zhigong Li, and Beyah. 2015 a. Zero-Sum Password Cracking Game: A Large-Scale Empirical Study on the Crackability, Correlation, and Security of Passwords. IEEE TDSC Vol. PP, 99 (2015), 1-1."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2818000.2818018"},{"key":"e_1_3_2_1_11_1","unstructured":"JtR. 2017. John the Ripper. http:\/\/www.openwall.com\/john\/. (2017).  JtR. 2017. John the Ripper. http:\/\/www.openwall.com\/john\/. (2017)."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.38"},{"key":"e_1_3_2_1_13_1","volume-title":"A Large-scale Analysis of the Mnemonic Password Advice Proc. of NDSS'17","author":"Kiesel Johannes","unstructured":"Johannes Kiesel , Benno Stein , and Stefan Lucks . 2017. A Large-scale Analysis of the Mnemonic Password Advice Proc. of NDSS'17 . Johannes Kiesel, Benno Stein, and Stefan Lucks. 2017. A Large-scale Analysis of the Mnemonic Password Advice Proc. of NDSS'17."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1978942.1979321"},{"key":"e_1_3_2_1_15_1","volume-title":"A Study of Personal Information in Human-chosen Passwords and Its Security Implications Proc. of INFOCOM'16","author":"Li Yue","unstructured":"Yue Li , Haining Wang , and Kun Sun . 2016. A Study of Personal Information in Human-chosen Passwords and Its Security Implications Proc. of INFOCOM'16 . Yue Li, Haining Wang, and Kun Sun. 2016. A Study of Personal Information in Human-chosen Passwords and Its Security Implications Proc. of INFOCOM'16."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.50"},{"key":"e_1_3_2_1_17_1","volume-title":"Introduction to Information Retrieval","author":"Manning Christopher D.","unstructured":"Christopher D. Manning , Prabhakar Raghavan , and Hinrich Sch\u00fctze . 2008. Introduction to Information Retrieval . Cambridge University Press . Christopher D. Manning, Prabhakar Raghavan, and Hinrich Sch\u00fctze. 2008. Introduction to Information Retrieval. Cambridge University Press."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516726"},{"key":"e_1_3_2_1_19_1","unstructured":"William Melicher Blase Ur Sean M. Segreti Saranga Komanduri Lujo Bauer Nicolas Christin and Lorrie Faith Cranor. 2016. Fast Lean and Accurate: Modeling Password Guessability Using Neural Networks Proc. of USENIX Security'16.  William Melicher Blase Ur Sean M. Segreti Saranga Komanduri Lujo Bauer Nicolas Christin and Lorrie Faith Cranor. 2016. Fast Lean and Accurate: Modeling Password Guessability Using Neural Networks Proc. of USENIX Security'16."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102168"},{"key":"e_1_3_2_1_21_1","volume-title":"Proc. of AISC'09","author":"Notoatmodjo Gilbert","year":"2009","unstructured":"Gilbert Notoatmodjo and Clark Thomborson . 2009 . Passwords and Perceptions . In Proc. of AISC'09 . Gilbert Notoatmodjo and Clark Thomborson. 2009. Passwords and Perceptions. In Proc. of AISC'09."},{"key":"e_1_3_2_1_22_1","volume-title":"On the Privacy Impacts of Publicly Leaked Password Databases Proc. of DIMVA'17","author":"Olivier Heen","year":"2017","unstructured":"Heen Olivier and Neumann Christoph . 2017 . On the Privacy Impacts of Publicly Leaked Password Databases Proc. of DIMVA'17 . Heen Olivier and Neumann Christoph. 2017. On the Privacy Impacts of Publicly Leaked Password Databases Proc. of DIMVA'17."},{"key":"e_1_3_2_1_23_1","unstructured":"Pierluigi Paganini. 2016. Reuse of login credentials put more than 20M Alibaba accounts at risk. Security Affairs. (2016).  Pierluigi Paganini. 2016. Reuse of login credentials put more than 20M Alibaba accounts at risk. Security Affairs. (2016)."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3133973"},{"key":"e_1_3_2_1_25_1","unstructured":"Roi Perez. 2017. Hacker publicly releases 900GB of data stolen from Cellebrite. SC Magazine. (2017).  Roi Perez. 2017. Hacker publicly releases 900GB of data stolen from Cellebrite. SC Magazine. (2017)."},{"key":"e_1_3_2_1_26_1","unstructured":"Sarah Perez. 2016. 117 million LinkedIn emails and passwords from a 2012 hack just got posted online. TechCrunch. (2016).  Sarah Perez. 2016. 117 million LinkedIn emails and passwords from a 2012 hack just got posted online. TechCrunch. (2016)."},{"key":"e_1_3_2_1_27_1","unstructured":"QNTM. 2017. Leet Transformation. https:\/\/qntm.org\/l33t. (2017).  QNTM. 2017. Leet Transformation. https:\/\/qntm.org\/l33t. (2017)."},{"key":"e_1_3_2_1_28_1","unstructured":"Steve Ragan. 2015. Mozilla's bug tracking portal compromised reused passwords to blame. CSO. (2015).  Steve Ragan. 2015. Mozilla's bug tracking portal compromised reused passwords to blame. CSO. (2015)."},{"key":"e_1_3_2_1_29_1","unstructured":"TOBIAS SALINGER. 2015. Hackers post personal data stolen from adultery website Ashley Madison to dark web: reports. NY DailyNews. (2015).  TOBIAS SALINGER. 2015. Hackers post personal data stolen from adultery website Ashley Madison to dark web: reports. NY DailyNews. (2015)."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1837110.1837113"},{"key":"e_1_3_2_1_31_1","unstructured":"OLIVIA SOLON . 2014. NHS patient data made publicly available online. Wired. (2014). http:\/\/www.wired.co.uk\/article\/care-data-leaks  OLIVIA SOLON . 2014. NHS patient data made publicly available online. Wired. (2014). http:\/\/www.wired.co.uk\/article\/care-data-leaks"},{"key":"e_1_3_2_1_32_1","volume-title":"The Password Life Cycle: User Behaviour in Managing Passwords Procs. of SOUPS'14","author":"Stobert Elizabeth","year":"2014","unstructured":"Elizabeth Stobert and Robert Biddle . 2014 . The Password Life Cycle: User Behaviour in Managing Passwords Procs. of SOUPS'14 . Elizabeth Stobert and Robert Biddle. 2014. The Password Life Cycle: User Behaviour in Managing Passwords Procs. of SOUPS'14."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134067"},{"key":"e_1_3_2_1_34_1","volume-title":"Proc. of SOUPS '15","author":"Blase","unstructured":"Blase Ur et almbox. . 2015 a. I Added textquoteright!textquoteright at the End to Make It Secure: Observing Password Creation in the Lab . In Proc. of SOUPS '15 . Blase Ur et almbox. . 2015 a. I Added textquoteright!textquoteright at the End to Make It Secure: Observing Password Creation in the Lab. In Proc. of SOUPS '15."},{"key":"e_1_3_2_1_35_1","volume-title":"Measuring Real-world Accuracies and Biases in Modeling Password Guessability Proc. of USENIX Security'15","author":"Blase","unstructured":"Blase Ur et almbox. . 2015 b . Measuring Real-world Accuracies and Biases in Modeling Password Guessability Proc. of USENIX Security'15 . Blase Ur et almbox. . 2015 b. Measuring Real-world Accuracies and Biases in Modeling Password Guessability Proc. of USENIX Security'15."},{"key":"e_1_3_2_1_36_1","volume-title":"On Semantic Patterns of Passwords and their Security Impact Proc. of NDSS'14","author":"Veras Rafael","unstructured":"Rafael Veras , Christopher Collins , and Julie Thorpe . 2014. On Semantic Patterns of Passwords and their Security Impact Proc. of NDSS'14 . Rafael Veras, Christopher Collins, and Julie Thorpe. 2014. On Semantic Patterns of Passwords and their Security Impact Proc. of NDSS'14."},{"key":"e_1_3_2_1_37_1","unstructured":"Verizon . 2017. Verizon's Data Breach Investigations Report. http:\/\/www.verizonenterprise.com\/verizon-insights-lab\/dbir\/2017\/. (2017).  Verizon . 2017. Verizon's Data Breach Investigations Report. http:\/\/www.verizonenterprise.com\/verizon-insights-lab\/dbir\/2017\/. (2017)."},{"key":"e_1_3_2_1_38_1","unstructured":"Vigilante. 2017. Vigilante. https:\/\/www.vigilante.pw\/. (2017).  Vigilante. 2017. Vigilante. https:\/\/www.vigilante.pw\/. (2017)."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978339"},{"key":"e_1_3_2_1_40_1","volume-title":"Proc. of SOUPS'16","author":"Wash Rick","year":"2016","unstructured":"Rick Wash , Emilee Rader , Ruthie Berman , and Zac Wellmer . 2016 . Understanding Password Choices: How Frequently Entered Passwords Are Re-used across Websites . In Proc. of SOUPS'16 . Rick Wash, Emilee Rader, Ruthie Berman, and Zac Wellmer. 2016. Understanding Password Choices: How Frequently Entered Passwords Are Re-used across Websites. In Proc. of SOUPS'16."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.8"},{"key":"e_1_3_2_1_42_1","unstructured":"Joon Ian Wong . 2016. Stolen Dropbox passwords are circulating online. Here's how to check if your account's compromised. Quartz. (2016).  Joon Ian Wong . 2016. Stolen Dropbox passwords are circulating online. Here's how to check if your account's compromised. Quartz. (2016)."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866328"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"crossref","unstructured":"Leah Zhang-Kennedy Sonia Chiasson and Paul van Oorschot. 2016. Revisiting password rules: facilitating human management of passwords Proc. of eCrime'16.  Leah Zhang-Kennedy Sonia Chiasson and Paul van Oorschot. 2016. Revisiting password rules: facilitating human management of passwords Proc. of eCrime'16.","DOI":"10.1109\/ECRIME.2016.7487945"}],"event":{"name":"CODASPY '18: Eighth ACM Conference on Data and Application Security and Privacy","location":"Tempe AZ USA","acronym":"CODASPY '18","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3176258.3176332","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3176258.3176332","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3176258.3176332","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:26:40Z","timestamp":1750213600000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3176258.3176332"}},"subtitle":["Empirical Analysis of User Passwords across Online Services"],"short-title":[],"issued":{"date-parts":[[2018,3,13]]},"references-count":44,"alternative-id":["10.1145\/3176258.3176332","10.1145\/3176258"],"URL":"https:\/\/doi.org\/10.1145\/3176258.3176332","relation":{},"subject":[],"published":{"date-parts":[[2018,3,13]]},"assertion":[{"value":"2018-03-13","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}