Account takeover prevention: techniques and data quality

Prevention techniques

Figure 1: techniques used for account takeover prevention

Banned-password list

  • Passwords that were used at some time by someone somewhere in the world (‘123456’, ‘password’ etc.).
  • Passwords based on context specific words (‘MyCompany’, ‘CompanyHometown’ etc.).

Email breach notification

  1. Your email address is part of a data breach and no other details were stolen. This is a common case.
  2. Your email address and other details including a password in an unknown format were stolen. This is a common case.
  3. Your email address and other details including a hashed password in an uncrackable format were stolen. This is a common case.
  4. Your email address and other details including a hashed password in a crackable format were stolen. This is a common case.
  5. Your email address and other details including a plain text password were stolen. This case is less common.

Credential breach notification

  1. Your email address and other details including a password in an unknown format were stolen.
  2. Your email address and other details including a hashed password in an uncrackable format were stolen.
  3. Your email address and other details including a hashed password in a crackable format were stolen.
  4. Your email address and plain text password were stolen.

Password breach notification

  1. Your email address and plain text password were stolen.
  2. Your email address and hashed password in a crackable format were stolen and have successfully been cracked.

Figure 2: actionable versus non-actionable data of hashed passwords in data breaches

Data quality

  1. Collect data breaches.
  2. Filter for records with a valid email address and a plain text password. Add the results to the database.
  3. Filter for records with a valid email address and credentials.
  4. Verify if credentials are crackable:
    - No: tag as unknown format, do not add to the database.
    - Yes: proceed to the next step.
  5. Crack hashed passwords.
  6. Remove duplicate data from unknown sources.

Figure 3: an obviously incorrect result caused by poor email parsing
Figure 4: at least partly an email breach notification service
Figure 5: at least a credential breach notification service
Figure 6: one source record, seven(!) duplicates from combo list data
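The data-quality steps above (2 to 6) and the three notification tiers, as an added Python example that is not part of the original article: it validates the email address (the failure behind Figure 3), sorts each record into plain text, recognised hash or unknown format, and de-duplicates by (email, secret) so combo-list repeats like those in Figure 6 collapse to one record. The sample dump, the regular expressions and the choice of which hash formats count as crackable are my assumptions; the cracking step itself is only queued here, not performed.

```python
import re
from collections import defaultdict

# Constructed sample dump: "email:secret" or bare email per line (not real data).
SAMPLE_DUMP = """\
alice@example.com:hunter2
alice@example.com:hunter2
Bob@Example.org:5f4dcc3b5aa765d89d4e3a0b4a8f0f9a
carol@example.net:$2b$12$KIXQmQ3Y9f0p7m9aXb1zKe0uB0dP1KBxiX3b2nQ8w2JdZt0TzjY1O
dave@example.com
erin@example.org:AQAAAAEAACcQAAAAEOpaque==
not-an-email:password
frank@example.com:HUNTER2
"""
# Deliberately strict: a sloppy email parser is what produces results like Figure 3.
EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")

def classify_secret(secret: str) -> str:
    """Map a secret to a pipeline tier. Which formats count as crackable is an assumption."""
    if re.fullmatch(r"[0-9a-fA-F]{32}|[0-9a-fA-F]{40}|[0-9a-fA-F]{64}", secret):
        return "hash:crackable"      # unsalted MD5 / SHA-1 / SHA-256 hex digest
    if re.match(r"^\$2[aby]\$\d{2}\$", secret):
        return "hash:crackable"      # bcrypt: slow, but a recognised format
    if secret.startswith("$") or re.fullmatch(r"[A-Za-z0-9+/=]{20,}", secret):
        return "hash:unknown"        # other $-prefixed or opaque base64-looking blobs
    return "plaintext"

def ingest(dump: str) -> dict:
    """Steps 2 to 6 of the data-quality pipeline over raw dump lines."""
    db = {}                          # (email, secret) -> notification tier, deduplicated
    to_crack = {}                    # (email, hash) -> tier, queued for the cracking step
    rejected = defaultdict(int)
    for line in dump.splitlines():
        email, sep, secret = line.strip().partition(":")
        email = email.lower()        # assumes case-insensitive mailboxes: one record per address
        if not EMAIL_RE.match(email):
            rejected["invalid_email"] += 1
            continue
        if not sep:                  # email only: email breach notification tier
            db.setdefault((email, None), "email")
            continue
        tier = classify_secret(secret)
        if tier == "plaintext":      # step 2: plain text password, add directly
            db[(email, secret)] = "password"
        elif tier == "hash:crackable":
            to_crack[(email, secret)] = "credential"  # steps 3-5: queue for cracking
        else:                        # step 4 "No": tag as unknown format, do not add
            rejected["unknown_format"] += 1
    return {"db": db, "to_crack": to_crack, "rejected": dict(rejected)}
```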

Conclusion

ScatteredSecrets.com

Find Your Hacked Passwords - Prevent Account Takeover.