๐ Finding out honeypot accounts while using honeywords for password storing.
๐ก Newskategorie: IT Security Nachrichten
๐ Quelle: reddit.com
I am trying to read Achieving Flatness: Selecting the Honeywords from Existing User Passwords which suggests a better way for generating honeywords. In the procedure, we initially create a certain number of fake accounts (honeypot accounts) with passwords. While trying to authenticate a user if there is a match in the honeyindex set, how do I determine whether the match is a real user account or if it is a honeypot account?
[link] [comments] ...