{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T14:43:39Z","timestamp":1740149019620,"version":"3.37.3"},"reference-count":12,"publisher":"Wiley","license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"National Key R&D Program of China","award":["2016YFB0800603","2017YFB1200700","61472016"],"award-info":[{"award-number":["2016YFB0800603","2017YFB1200700","61472016"]}]},{"name":"National Key R&D Program of China","award":["2016YFB0800603","2017YFB1200700","61472016"],"award-info":[{"award-number":["2016YFB0800603","2017YFB1200700","61472016"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["2016YFB0800603","2017YFB1200700","61472016"],"award-info":[{"award-number":["2016YFB0800603","2017YFB1200700","61472016"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security and Communication Networks"],"published-print":{"date-parts":[[2018]]},"abstract":"<jats:p>We present in this paper an alternative method for understanding user-chosen passwords. In password research, much attention has been given to increasing the security and usability of individual passwords for common users. Few of them focus on the relationships between passwords; therefore we explore the relationships between passwords: modification-based, similarity-based, and probability-based. By regarding passwords as vertices, we shed light on how to transform a dataset of passwords into a password graph. Subsequently, we introduce some novel notions from graph theory and report on a number of inner properties of passwords from the perspective of graph. With the assistance of Python Graph-tool, we are able to visualize our password graph to deliver an intuitive grasp of user-chosen passwords. Five real-world password datasets are used in our experiments to fulfill our thorough experiments. We discover that <mml:math xmlns:mml=\"http:\/\/www.w3.org\/1998\/Math\/MathML\" id=\"M1\"><mml:mo stretchy=\"false\">(<\/mml:mo><mml:mn fontstyle=\"italic\">1<\/mml:mn><mml:mo stretchy=\"false\">)<\/mml:mo><\/mml:math> some passwords in a dataset are tightly connected with each other; <mml:math xmlns:mml=\"http:\/\/www.w3.org\/1998\/Math\/MathML\" id=\"M2\"><mml:mo stretchy=\"false\">(<\/mml:mo><mml:mn fontstyle=\"italic\">2<\/mml:mn><mml:mo stretchy=\"false\">)<\/mml:mo><\/mml:math> they have the tendency to gather together as a cluster like they are in a social network; <mml:math xmlns:mml=\"http:\/\/www.w3.org\/1998\/Math\/MathML\" id=\"M3\"><mml:mo stretchy=\"false\">(<\/mml:mo><mml:mn fontstyle=\"italic\">3<\/mml:mn><mml:mo stretchy=\"false\">)<\/mml:mo><\/mml:math> password graph has logarithmic distribution for its degrees. Top clusters in password graph could be exploited to obtain the effective mangling rules for cracking passwords. Also, password graph can be utilized for a new kind of password strength meter.<\/jats:p>","DOI":"10.1155\/2018\/6160125","type":"journal-article","created":{"date-parts":[[2018,1,28]],"date-time":"2018-01-28T18:32:08Z","timestamp":1517164328000},"page":"1-12","source":"Crossref","is-referenced-by-count":4,"title":["An Alternative Method for Understanding User-Chosen Passwords"],"prefix":"10.1155","volume":"2018","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3348-0253","authenticated-orcid":true,"given":"Zhixiong","family":"Zheng","sequence":"first","affiliation":[{"name":"School of Electronic and Computer Engineering, Peking University Shenzhen Graduate School, Shenzhen 518055, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6677-463X","authenticated-orcid":true,"given":"Haibo","family":"Cheng","sequence":"additional","affiliation":[{"name":"School of Electronics Engineering and Computer Science, Peking University, Beijing 100871, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8125-2311","authenticated-orcid":true,"given":"Zijian","family":"Zhang","sequence":"additional","affiliation":[{"name":"School of Electronic and Computer Engineering, Peking University Shenzhen Graduate School, Shenzhen 518055, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0823-3135","authenticated-orcid":true,"given":"Yiming","family":"Zhao","sequence":"additional","affiliation":[{"name":"School of Software and Microelectronics, Peking University, Beijing 102600, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8854-2079","authenticated-orcid":true,"given":"Ping","family":"Wang","sequence":"additional","affiliation":[{"name":"School of Software and Microelectronics, Peking University, Beijing 102600, China"},{"name":"National Engineering Research Center for Software Engineering, Peking University, Beijing 100871, China"},{"name":"Key Laboratory of High Confidence Software Technologies (PKU), Ministry of Education, Beijing 100871, China"}]}],"member":"311","reference":[{"key":"1","doi-asserted-by":"publisher","DOI":"10.1145\/2701423"},{"key":"2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2006.873653"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2004.81"},{"key":"6","doi-asserted-by":"publisher","DOI":"10.1145\/2408776.2408790"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1145\/2699390"},{"key":"10","doi-asserted-by":"publisher","DOI":"10.1145\/322796.322806"},{"key":"15","doi-asserted-by":"publisher","DOI":"10.1145\/975817.975820"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2721359"},{"key":"21","doi-asserted-by":"publisher","DOI":"10.1145\/359168.359172"},{"key":"31","doi-asserted-by":"publisher","DOI":"10.1016\/0167-4048(89)90049-7"},{"issue":"8","key":"36","first-page":"707","volume":"10","year":"1966","journal-title":"Soviet Physics\u2014Doklady"},{"key":"39","first-page":"A1","volume":"20","year":"2010","journal-title":"The New York Times"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2018\/6160125.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2018\/6160125.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2018\/6160125.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2018,1,28]],"date-time":"2018-01-28T18:32:14Z","timestamp":1517164334000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.hindawi.com\/journals\/scn\/2018\/6160125\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"references-count":12,"alternative-id":["6160125","6160125"],"URL":"https:\/\/doi.org\/10.1155\/2018\/6160125","relation":{},"ISSN":["1939-0114","1939-0122"],"issn-type":[{"type":"print","value":"1939-0114"},{"type":"electronic","value":"1939-0122"}],"subject":[],"published":{"date-parts":[[2018]]}}}