In all, a total of 126 published papers have cited and adopted Wang et al.'s CDF-Zipf model (and/or PDF-Zipf model). These papers can be categorized into eight groups according to their domains: Password cracking, cryptographic protocol, policy, leakage detection, encryption, PINs, and characteristic analysis. The details are as follows: 1 Password cracking 1.1 [IEEE S&P'22] How to Attack and Generate Honeywords, https://www.computer.org/csdl/proceedings-article/sp/2022/131600a489/1wKCexo0aoE 1.2 [Computers & Security'22] Cognitively Reconfigurable Mimic-Based Heterogeneous Password Recovery System, https://www.sciencedirect.com/science/article/pii/S0167404822000669 1.3 [ICICS'21] Studies of Keyboard Patterns in Passwords: Recognition, Characteristics and Strength Evolution, https://link.springer.com/chapter/10.1007/978-3-030-86890-1_9 1.4 [IEEE TIFS'21] Leet Usage and Its Effect on Password Security, https://ieeexplore.ieee.org/abstract/document/9316928 1.5 [IEEE TIFS'20] TransPCFG: Transferring the Grammars from Short Passwords to Guess Long Passwords Effectively, https://ieeexplore.ieee.org/abstract/document/9121288 1.6 [HPSC'20] PassGAN Based Honeywords System for Machine-Generated Passwords Database, https://ieeexplore.ieee.org/abstract/document/9123038 1.7 [CSAE'20] Trie Tree Probabilistic Password Cracking Method Based on FPGA, https://dl.acm.org/doi/pdf/10.1145/3424978.3425021?casa_token=xGkhjRrhjXkAAAAA:OYfw_Q4g2GuSf7m1zBSulWbZ1yeEO5vgjM0ONoW7NJH0AuBO8oE-kdvD_Hg-lAlUxvgXH3wp2t8KxvY 1.8 [IEEE Access'20] Reconfigurable and High-Efficiency Password Recovery Algorithms Based on HRCA, https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9328759 1.9 [IEEE TIFS'19] Why Botnets Work: Distributed Brute-force Attacks Need No Synchronization, https://ieeexplore.ieee.org/abstract/document/8629000 1.10 [IEEE S&P'18] On the Economics of Offline Password Cracking, https://ieeexplore.ieee.org/abstract/document/8418642/ 1.11 [NDSS'18] A Security Analysis of Honeyword, http://wangdingg.weebly.com/uploads/2/0/3/6/20366987/ndss18final_fullv9.pdf 1.12 [IEEE CyberC'18] Algorithm to Generate Password Structure Dictionary Based on Gene Bank, https://ieeexplore.ieee.org/abstract/document/8644557 2 Password-based cryptographic protocols 2.1 [SciChina'22] Efficient Privacy-Preserving User Authentication Scheme with Forward Secrecy for Industry 4.0, http://scis.scichina.com/en/2022/112301.pdf 2.2 [IEEE TII'22] An Efficient and Provably Secure Certificateless Protocol for Industrial Internet of Things, https://ieeexplore.ieee.org/abstract/document/9729405 2.3 [Computer Networks'22] SETCAP: Service-Based Energy-Efficient Temporal Credential Authentication Protocol for Internet of Drones, https://www.sciencedirect.com/science/article/pii/S1389128622000305 2.4 [Supercomput'22] A Provably Secure Lightweight Authentication Protocol in Mobile Edge Computing Environments, https://link.springer.com/article/10.1007/s11227-022-04411-9 2.5 [Ad Hoc Networks'22] A Secure Three-Factor Authentication Scheme for Multi-Gateway Wireless Sensor Networks Based on Elliptic Curve Cryptography, https://www.sciencedirect.com/science/article/pii/S1570870521002481 2.6 [Computers & Electrical Engineering'22] A Low-Cost Privacy Preserving User Access in Mobile Edge Computing Framework, https://www.sciencedirect.com/science/article/pii/S0045790622000143 2.7 [CMC'22] Blockchain-Based Robust Data Security Scheme in IoT-Enabled Smart Home, https://www.researchgate.net/profile/Anusha-Vangala-2/publication/359557773_Blockchain-Based_Robust_Data_Security_Scheme_in_IoT-Enabled_Smart_Home/links/62456abb8068956f3c5bbc6e/Blockchain-Based-Robust-Data-Security-Scheme-in-IoT-Enabled-Smart-Home.pdf 2.8 [SCN'21] Improved ECC-Based Three-Factor Multiserver Authentication Scheme, https://www.hindawi.com/journals/scn/2021/6627956/ 2.9 [IEEE IoT'21] Secure Multifactor Authenticated Key Agreement Scheme for Industrial IoT, https://ieeexplore.ieee.org/abstract/document/9199812 2.10 [IEEE IoT'21] Designing Secure User Authentication Protocol for Big Data Collection in IoT-Based Intelligent Transportation System, https://ieeexplore.ieee.org/abstract/document/9272616 2.11 [MISY'21] A Lightweight Authenticated Key Agreement Protocol Using Fog Nodes in Social Internet of Vehicles, https://www.hindawi.com/journals/misy/2021/3277113/ 2.12 [Sensors'21] WSN-SLAP: Secure and Lightweight Mutual Authentication Protocol for Wireless Sensor Networks, https://scholar.google.com/scholar?start=70&hl=zh-CN&as_sdt=2005&sciodt=0,5&cites=1772148969621064574&scipsc= 2.13 [Sensors'21] A Secure and Lightweight Authentication Protocol for IoT-Based Smart Homes, https://www.mdpi.com/1424-8220/21/4/1488/htm 2.14 [IEEE TVT'21] On the Design of Mutual Authentication and Key Agreement Protocol in Internet of Vehicles-Enabled Intelligent Transportation System, https://ieeexplore.ieee.org/abstract/document/9319539 2.15 [ETT'21] Fuzzy Vault-Based Three-Factor Authentication and Key Exchange for 5G-Integrated Wireless Sensor Networks, https://onlinelibrary.wiley.com/doi/epdf/10.1002/ett.3925?saml_referrer 2.16 [IEEE TITS'21] Authenticated Key Agreement Scheme with User Anonymity and Untraceability for 5G-Enabled Softwarized Industrial Cyber-Physical Systems, https://ieeexplore.ieee.org/abstract/document/9356467 2.17 [FGCS'21] Security Preservation in Industrial Medical CPS Using Chebyshev map: An AI Approach, https://www.sciencedirect.com/science/article/pii/S0167739X21000881 2.18 [Peer-to-Peer Networking and Applications'21] An Efficient Three-Factor Remote User Authentication Protocol Based on BPV-FourQ for Internet of Drones, https://link.springer.com/article/10.1007/s12083-021-01130-5 2.19 [SCN'21] A Provably Secure Authentication and Key Exchange Protocol in Vehicular Ad Hoc Networks, https://www.hindawi.com/journals/scn/2021/9944460/ 2.20 [CPE'21] Provably Secure Signature-Based Anonymous User Authentication Protocol in an Internet of Things-Enabled Intelligent Precision Agricultural Environment, https://onlinelibrary.wiley.com/doi/full/10.1002/cpe.6187 2.21 [IEEE TNSE'21] Secure and Efficient Honey List-Based Authentication Protocol for Vehicular Ad Hoc Networks, https://ieeexplore.ieee.org/abstract/document/9468344 2.22 [SYSARC'21] ICAS: Two-Factor Identity-Concealed Authentication Scheme for Remote-Servers, https://www.sciencedirect.com/science/article/pii/S1383762121000655 2.23 [SCN'21] Fog-Driven Secure Authentication and Key Exchange Scheme for Wearable Health Monitoring System, https://www.hindawi.com/journals/scn/2021/8368646/ 2.24 [IEEE TDSC'21] Quantum2FA: Efficient Quantum-Resistant Two-Factor Authentication Scheme for Mobile Devices https://ieeexplore.ieee.org/abstract/document/9623421 2.25 [Drones'21] Amassing the Security: An Enhanced Authentication Protocol for Drone Communications over 5G Networks, https://www.mdpi.com/2504-446X/6/1/10/htm 2.26 [FCS'21] On Designing an Unaided Authentication Service with Threat Detection and Leakage Control for Defeating Opportunistic Adversaries, https://link.springer.com/article/10.1007/s11704-019-9134-9 2.27 [SCN'21] Revisiting a Multifactor Authentication Scheme in Industrial IoT, https://www.hindawi.com/journals/scn/2021/9995832/ 2.28 [Sysarc'21] Understanding Security Failures of Anonymous Authentication Schemes for Cloud Environments, https://www.sciencedirect.com/science/article/pii/S1383762121001478 2.29 [JISA'21] A Blockchain Based Secure Communication Framework for Community Interaction, https://www.sciencedirect.com/science/article/pii/S2214212621000351 2.30 [IEEE JSYST'21] DssP: Efficient Dual-Server Secret Sharing Protocol Based on Password Authentication for Cloud Storage Services, https://ieeexplore.ieee.org/abstract/document/9598891 2.31 [SCN'21] Attacks and Solutions for a Two-Factor Authentication Protocol for Wireless Body Area Networks, https://www.hindawi.com/journals/scn/2021/3116593/ 2.32 [Sysarc'21] Secure User Authentication Mechanism for IoT-enabled Wireless Sensor Networks Based on Multiple Bloom Filters, https://www.sciencedirect.com/science/article/pii/S1383762121002058 2.33 [Sysarc'21] BUAKA-CS: Blockchain-Enabled User Authentication and Key Agreement Scheme for Crowdsourcing System, https://www.sciencedirect.com/science/article/pii/S1383762121002563 2.34 [WCMC'21] Provably Secure Client-Server Key Management Scheme in 5G Networks, https://www.hindawi.com/journals/wcmc/2021/4083199/ 2.35 [WCMC'21] A Provably Secure Three-Factor Authentication Protocol for Wireless Sensor Networks, https://www.proquest.com/docview/2518013358?pq-origsite=gscholar&fromopenview=true 2.36 [WCMC'21] Provably Secure ECC-Based Three-Factor Authentication Scheme for Mobile Cloud Computing with Offline Registration Centre, https://www.hindawi.com/journals/wcmc/2021/8848032/ 2.37 [IEEE TVT'21] Block-CLAP: Blockchain-Assisted Certificateless Key Agreement Protocol for Internet of Vehicles in Smart Transportation, https://ieeexplore.ieee.org/abstract/document/9462433 2.38 [SCN'21] A Blockchain-Based Hierarchical Authentication Scheme for Multiserver Architecture, https://www.hindawi.com/journals/scn/2021/5592119/ 2.39 [Sensors'21] Provably Secure Three-Factor-Based Mutual Authentication Scheme with PUF for Wireless Medical Sensor Networks, https://www.mdpi.com/1424-8220/21/18/6039/htm 2.40 [SCN'21] A Provably Secure Authentication and Key Agreement Protocol in Cloud-Based Smart Healthcare Environments, https://www.hindawi.com/journals/scn/2021/2299632/ 2.41 [ISPEC'21] PUOKMS: Password-Protected Updatable Oblivious Key Management System for Cloud Storage, https://link.springer.com/chapter/10.1007/978-3-030-93206-0_8 2.42 [SCN'21] Improved Secure and Lightweight Authentication Scheme for Next-Generation IoT Infrastructure, https://www.hindawi.com/journals/scn/2021/6537678/ 2.43 [IEEE Access'21] On the Design of Lightweight and Secure Mutual Authentication System for Global Roaming in Resource-Limited Mobility Networks, https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9319149 2.44 [IEEE Access'21] Lightweight three-factor-based Privacy-Preserving Authentication Scheme for IoT-Enabled Smart Homes, https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9531969 2.45 [IEEE Access'21] A Secure Authentication Protocol for Multi-Server-Based E-Healthcare Using a Fuzzy Commitment Scheme, https://web.archive.org/web/20210429064406id_/https://ieeexplore.ieee.org/ielx7/6287639/8600701/08620682.pdf 2.46 [Computer Networks'20] A Lightweight and Secure Two-Factor Authentication Scheme for Wireless Body Area Networks in Health-Care IoT, https://www.sciencedirect.com/science/article/pii/S1389128619316457 2.47 [IEEE IoT'20] Certificateless-Signcryption-Based Three-Factor User Access Control Scheme for IoT Environment, https://ieeexplore.ieee.org/abstract/document/8957688 2.48 [Computer&Security'20] Understanding Security Failures of Multi-Factor Authentication Schemes for Multi-Server Environments, https://www.sciencedirect.com/science/article/pii/S016740481930166X 2.49 [TCPS'20] Efficient Multi-Factor User Authentication Protocol with Forward Secrecy for Real-Time Data Access in WSNs, https://dl.acm.org/doi/abs/10.1145/3325130?casa_token=WxuDXSWhD74AAAAA:04EvM8Wxg5jf_EQX9PDXil4YNQ37COpjbsmHzX8fawqt5ycZR1e1nDbJvzT2wYXMmFOxB25XyWFJi9gn 2.50 [TCPS'20] Efficient Multi-Factor User Authentication Protocol with Forward Secrecy for Real-Time Data Access in WSNs, https://dl.acm.org/doi/abs/10.1145/3325130?casa_token=WxuDXSWhD74AAAAA:04EvM8Wxg5jf_EQX9PDXil4YNQ37COpjbsmHzX8fawqt5ycZR1e1nDbJvzT2wYXMmFOxB25XyWFJi9gn 2.51 [JISA'20] Multi-Authority CP-ABE-Based User Access Control Scheme with Constant-Size Key and Ciphertext for IoT Deployment, https://www.sciencedirect.com/science/article/pii/S2214212619310178 2.52 [AppISci'20] Privacy-Preserving Lightweight Authentication Protocol for Demand Response Management in Smart Grid Environment, https://www.mdpi.com/2076-3417/10/5/1758/htm 2.53 [WCMC'20] A Robust IoT-Based Three-Factor Authentication Scheme for Cloud Computing Resistant to Session Key Exposure, https://www.hindawi.com/journals/wcmc/2020/3805058/ 2.54 [Sensors'20] An Efficient, Anonymous and Robust Authentication Scheme for Smart Home Environments, https://www.mdpi.com/1424-8220/20/4/1215/htm 2.55 [SCN'20] Cryptanalysis and Security Improvement of Two Authentication Schemes for Healthcare Systems Using Wireless Medical Sensor Networks, https://www.hindawi.com/journals/scn/2020/5047379/ 2.56 [AppISci'20] A Secure and Efficient Three-Factor Authentication Protocol in Global Mobility Networks, https://www.mdpi.com/2076-3417/10/10/3565/htm 2.57 [WCMC'20] An Improved Anonymous Authentication Protocol for Wearable Health Monitoring Systems, https://www.hindawi.com/journals/wcmc/2020/5686498/ 2.58 [Sensors'20] SLUA-WSN: Secure and Lightweight Three-Factor-Based User Authentication Protocol for Wireless Sensor Networks, https://www.mdpi.com/1424-8220/20/15/4143/htm 2.59 [AppISci'20] Secure Key Agreement and Authentication Protocol for Message Confirmation in Vehicular Cloud Computing, https://www.mdpi.com/2076-3417/10/18/6268/htm 2.60 [SciChina'20] A Privacy Preserving Two-Factor Authentication Protocol for the Bitcoin SPV Nodes, http://scis.scichina.com/en/2020/130103.pdf 2.61 [ Cryptologia'20] Cryptanalysis and Improvement of Authentication Scheme for Roaming Service in Ubiquitous Network, https://www.tandfonline.com/doi/abs/10.1080/01611194.2019.1706061 2.62 [JAIHC'20] ILAS-IoT: An Improved and Lightweight Authentication Scheme for IoT Deployment,http://acikerisim.gelisim.edu.tr/xmlui/bitstream/handle/11363/2425/Alzahrani2020_Article_ILAS-IoTAnImprovedAndLightweig.pdf?sequence=1&isAllowed=y 2.63 [IoT'20] Security and Privacy-Preserving in E-health: a New Framework for Patient,https://www.sciencedirect.com/science/article/pii/S2542660520301220 2.64 [JSSS'20] Revisiting Three Anonymous Two-Factor Authentication Schemes for Roaming Service in Global Mobility Networks, https://oaepublishstorage.blob.core.windows.net/03626ee5-0b31-492c-8803-a47cca31f9a3/4153.pdf 2.65 [IJCA'20] Cryptanalysis and Improvement of Mutual Authentication Protocol for Real-Time Data Access in Industrial Wireless Sensor Networks, https://www.tandfonline.com/doi/abs/10.1080/1206212X.2020.1825159 2.66 [IEEE Access'20] Securing Smart City Surveillance: A Lightweight Authentication Mechanism for Unmanned Vehicles, https://ieeexplore.ieee.org/abstract/document/9020140 2.67 [IEEE Access'20] IoV-SMAP: Secure and Efficient Message Authentication Protocol for IoV in Smart City Environment, https://ieeexplore.ieee.org/abstract/document/9187911 2.68 [IEEE Access'20] On the Design of Secure and Efficient Three-Factor Authentication Protocol Using Honey List for Wireless Sensor Networks, https://ieeexplore.ieee.org/abstract/document/9110891 2.69 [IEEE Access'20] LAKS-NVT: Provably Secure and Lightweight Authentication and Key Agreement Scheme without Verification Table in Medical Internet of Things, https://ieeexplore.ieee.org/abstract/document/9127942 2.70 [IEEE Access'20] A Physically Secure, Lightweight Three-Factor and Anonymous User Authentication Protocol for IoT, https://ieeexplore.ieee.org/abstract/document/9240926 2.71 [IEEE Access'20] Efficient and Provably Secure Anonymous User Authentication Scheme for Patient Monitoring Using Wireless Medical Sensor Networks, https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9026939 2.72 [IEEE TII'19] Lightweight and Physically Secure Anonymous Mutual Authentication Protocol for Real-Time Data Access in Industrial Wireless Sensor Networks, https://ieeexplore.ieee.org/abstract/document/8625559/ 2.73 [IEEE TVT'19] TCALAS: Temporal Credential-Based Anonymous Lightweight Authentication Scheme for Internet of Drones Environment, https://ieeexplore.ieee.org/abstract/document/8693567 2.74 [IEEE TII'19] Provably Secure Fine-Grained Data Access Control Over Multiple Cloud Servers in Mobile Cloud Computing Based Healthcare Applications, https://ieeexplore.ieee.org/abstract/document/8334302 2.75 [IEEE IoT'19] A Provably Secure and Lightweight Anonymous User Authenticated Session Key Exchange Scheme for Internet of Things Deployment, https://ieeexplore.ieee.org/abstract/document/8737718 2.76 [IEEE IoT'19] Shake to Communicate: Secure Handshake Acceleration-Based Pairing Mechanism for Wrist Worn Devices, https://ieeexplore.ieee.org/abstract/document/8664100/references#references 2.77 [SCN'19] A Lightweight Secure User Authentication and Key Agreement Protocol for Wireless Sensor Networks, https://www.hindawi.com/journals/scn/2019/2136506/ 2.78 [TSC'19] Achieving One-Round Password-Based Authenticated Key Exchange over Lattices, https://ieeexplore.ieee.org/abstract/document/8826379 2.79 [Inscrypt‘19] Two-Round PAKE Protocol over Lattices Without NIZK, https://link.springer.com/chapter/10.1007/978-3-030-14234-6_8 2.80 [IEEE JSYST‘19] Insider Attack Protection: Lightweight Password-Based Authentication Techniques Using ECC, https://ieeexplore.ieee.org/abstract/document/8820037 2.81 [SCN'19] A Generic Multifactor Authenticated Key Exchange with Physical Unclonable Function, https://www.hindawi.com/journals/scn/2019/5935292/ 2.82 [IJCS'19] An Efficient Anonymous User Authentication and Key Agreement Protocol for Wireless Sensor Networks, https://onlinelibrary.wiley.com/doi/abs/10.1002/dac.4724 2.83 [ACM CCS'19] How to (not) Share a Password: Privacy Preserving Protocols for Finding Heavy Hitters with Adversarial Behavior, https://dl.acm.org/doi/pdf/10.1145/3319535.3363204?casa_token=l0Uml94g7BoAAAAA:sSBEam4rUAvskpbgpxD4zwy-Eh8etJ3o50yGI3AtxtCzNRqqU8POINp3pbV7kZAKJzu2EnxudLS5E_o 2.84 [MBE'19] Verifier-Based Anonymous Password-Authenticated Key Exchange Protocol in the Standard Model, https://pdfs.semanticscholar.org/504d/8343b6ca964bc9a37064847ae4bcfab372bd.pdf 2.85 [SCN'19] Efficient Hierarchical Authentication Protocol for Multiserver Architecture, https://www.hindawi.com/journals/scn/2020/2523834/ 2.86 [ISPEC'19] Provably Secure Three-party Password-based Authenticated Key Exchange from RLWE, https://eprint.iacr.org/2019/1386.pdf 2.87 [IEEE Access'19] A Dynamic Privacy-Preserving Key Management Protocol for V2G in Social Internet of Things, https://web.archive.org/web/20210429004802id_/https://ieeexplore.ieee.org/ielx7/6287639/8600701/08732338.pdf 2.88 [IEEE Access'19] A Dynamic Privacy-Preserving Key Management Protocol for V2G in Social Internet of Thing, https://ieeexplore.ieee.org/abstract/document/8732338/ 2.89 [IEEE Access'19] A Secure Authentication Protocol for Multi-Server-Based E-Healthcare Using a Fuzzy Commitment Scheme, https://ieeexplore.ieee.org/abstract/document/8620682 2.90 [IEEE Access'19] Physically Secure Lightweight Anonymous User Authentication Protocol for Internet of Things Using Physically Unclonable Functions, https://ieeexplore.ieee.org/abstract/document/8754672 2.91 [IEEE TII'18] Measuring Two-Factor Authentication Schemes for Real-Time Data Access in Industrial Wireless Sensor Networks, https://www.researchgate.net/profile/Wenting-Li-14/publication/318473193_Breaking_Two_Remote_User_Authentication_Systems_for_Mobile_Devices/links/5bab5ad445851574f7e68236/Breaking-Two-Remote-User-Authentication-Systems-for-Mobile-Devices.pdf 2.92 [Sensors'18] A Multi-Server Two-Factor Authentication Scheme with Un-Traceability Using Elliptic Curve Cryptography, https://www.mdpi.com/1424-8220/18/7/2394/htm 2.93 [TSUSC'18] A Mobile Intelligent Terminal Based Anonymous Authenticated Key Exchange Protocol for Roaming Service in Global Mobility Networks, https://ieeexplore.ieee.org/abstract/document/8320857 2.94 [WCMC'18] Cryptanalysis and Security Enhancement of Three Authentication Schemes in Wireless Sensor Networks, https://www.hindawi.com/journals/wcmc/2018/8539674/ 2.95 [SCN'18] A Secure and Anonymous Two-Factor Authentication Protocol in Multiserver Environment, https://www.hindawi.com/journals/scn/2018/9062675/ 2.96 [WCMC'18] A Provably Secure Anonymous Authenticated Key Exchange Protocol Based on ECC for Wireless Sensor Networks, https://www.hindawi.com/journals/wcmc/2018/2484268/ 2.97 [ICICS'18] Revisiting Anonymous Two-Factor Authentication Schemes for Multi-Server Environment, https://link.springer.com/chapter/10.1007/978-3-030-01950-1_50 2.98 [WCMC'18] Trusted Authority Assisted Three-Factor Authentication and Key Agreement Protocol for the Implantable Medical System, https://www.hindawi.com/journals/wcmc/2018/7579161/ 2.99 [Sensors'17] An Enhanced Three-Factor User Authentication Scheme Using Elliptic Curve Cryptosystem for Wireless Sensor Networks, https://www.mdpi.com/1424-8220/17/12/2946/htm 2.100 [IEEE Access'17] On the Design of Provably Secure Lightweight Remote User Authentication Scheme for Mobile Cloud Computing Services, https://ieeexplore.ieee.org/abstract/document/8076841 2.101 [IEEE Access'17] Provably Secure and Efficient Authentication Protocol for Roaming Service in Global Mobility Networks, https://ieeexplore.ieee.org/abstract/document/8107484 2.102 [JISA'16] Design of a Secure Smart Card-Based Multi-Server Authentication Scheme, https://www.sciencedirect.com/science/article/pii/S2214212616300758 3 Password policy 3.1 [IEEE TIFS'22] Dynamically Generate Password Policy via Zipf Distribution, https://ieeexplore.ieee.org/abstract/document/9715109 4 Password-leakage detection 4.1 [USENIX SEC'22] Might I Get Pwned: A Second Generation Compromised Credential Checking Service, https://pages.cs.wisc.edu/~chatterjee/papers/usenix22-pal.pdf 4.2 [USENIX SEC'20] Detecting Stuffing of a User's Credentials at Her Own Account, https://www.usenix.org/system/files/sec20-wang.pdf 5 Password hashing algorithms/online throttling 5.1 [Wayworkshop'19] DALock: Password Distribution Aware Throttling, https://wayworkshop.org/2019/papers/way2019-blocki.pdf 5.2 [IEEE CSF'16] CASH: A Cost Asymmetric Secure Hash Algorithm for Optimal Password Protection, https://ieeexplore.ieee.org/abstract/document/7536388 6 Password encryption 6.1 [JISA'19] Freestyle, a Randomized Version of ChaCha for Resisting Offline Brute-Force and Dictionary Attacks, https://www.sciencedirect.com/science/article/pii/S2214212618307634 6.2 [IEEE S&P'15] GenoGuard: Protecting Genomic Data against Brute-Force Attacks, https://ieeexplore.ieee.org/abstract/document/7163041/ 7 PINs 7.1 [AsiaCCS'17] Understanding Human-Chosen Pins: Characteristics, Distribution and Security, https://dl.acm.org/doi/abs/10.1145/3052973.3053031?casa_token=Cs3OpH7-HW4AAAAA:snsAZ2QPzjrhQlFCtTiCmP0Gim0GXy5l3drP0rJzSeQTfBkyQMQsRfFloMkRQFBNZJguvfncMhF2SpY 8 Analysis of password characteristics 8.1 [CVHT'21] Zipf's Law Analysis on the Leaked Iranian Users' Passwords, https://link.springer.com/article/10.1007/s11416-021-00397-9 8.2 [Computer&Security'20] Passphrase and Keystroke Dynamics Authentication: Usable Security, https://www.sciencedirect.com/science/article/pii/S0167404820302017 8.3 [USENIX SEC'19] Birthday, Name and Bifacial-Security: Understanding Passwords of Chinese Web Users, https://www.usenix.org/system/files/sec19-wang-ding.pdf 8.4 [SecureComm'17] Exploring the Network of Real-World Passwords: Visualization and Estimation, https://link.springer.com/chapter/10.1007/978-3-319-78813-5_8