Implementation of honeywords as a codeigniter library for a solution to password-cracking detection

Abstract

Stolen files of password hashes is a common threat to web-based authentication. The password hashes can be cracked with new methods that are considered faster and easier. The attacker can just log-in to the system using the original password resulting from cracking without being detected. To answer these problems, researchers has proposed methods to detect password cracking such as honeywords. In this study we will try to implement an existing-user honeywords scheme into the form of a CodeIgniter web-based library. Honeywords is a decoy passwords that are used as feeds. Library of this study, is expected to be used by web application developers as an alternative authentication library.