Security Analysis on Password Authentication System of Web Sites

Hee Kyeong Noh; Chang Kuk Choi; Min Su Park; Seung Joo Kim

Security Analysis on Password Authentication System of Web Sites

KIPS Transactions on Computer and Communication Systems, Vol. 3, No. 12, pp. 463-478, Dec. 2014

10.3745/KTCCS.2014.3.12.463, PDF Download:

Abstract

Portal site is not only providing search engine and e-mail service but also various services including blog, news, shopping, and others. The fact that average number of daily login for Korean portal site Naver is reaching 300 million suggests that many people are using portal sites. With the increase in number of users followed by the diversity in types of services provided by portal sites, the attack is also increasing. Most of studies of password authentication is focused on threat and countermeasures, however, in this study, we analyse the security threats and security requirement of membership, login, password reset first phase, password reset second phase. Also, we measure security score with common criteria of attack potential. As a result, we compare password authentication system of domestic and abroad portal sites.

Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.

Cite this article

[IEEE Style]

H. K. Noh, C. K. Choi, M. S. Park, S. J. Kim, "Security Analysis on Password Authentication System of Web Sites," KIPS Transactions on Computer and Communication Systems, vol. 3, no. 12, pp. 463-478, 2014. DOI: 10.3745/KTCCS.2014.3.12.463.

[ACM Style]

Hee Kyeong Noh, Chang Kuk Choi, Min Su Park, and Seung Joo Kim. 2014. Security Analysis on Password Authentication System of Web Sites. KIPS Transactions on Computer and Communication Systems, 3, 12, (2014), 463-478. DOI: 10.3745/KTCCS.2014.3.12.463.