Detecting and Analyzing Password Database crack Using Honeyindex

In the honeywords approach default passwords are used to detect attacks against hashed password databases. For each user account, the list of password is stored with several honeywords. If honeywords are selected properly, an attacker who steals a file of hashed passwords cannot be sure if it is the real password or a honeyword for any account. Login with a honeyword will trigger an alarm notifying the administrator about a password file breach. At the expense of increasing the storage requirement, the honeyindex system is an effective solution to the detection of password file disclosure events. Also, as this approach uses existing user index as a honeyindex of other user it reduce storage cost as compare to honeyword scheme.