[PDF] (How) Do People Change Their Passwords After a Breach?















(How) Do People Change Their Passwords After a Breach?

Sruti Bhagavatula, Carnegie Mellon University, srutib@cmu.edu

Lujo Bauer, Carnegie Mellon University, lbauer@cmu.edu

Apu Kapadia, Indiana University Bloomington, kapadia@indiana.edu

Abstract

To protect against misuse of passwords compromised in a breach, consumers should promptly change affected passwords and any similar passwords on other accounts. Ideally, affected companies should strongly encourage this behavior and have mechanisms in place to mitigate harm. In order to make recommendations to companies about how to help their users perform these and other security-enhancing actions after breaches, we must first have some understanding of the current effectiveness of companies' post-breach practices. To study the effectiveness of password-related breach notifications and practices enforced after a breach, we examine, based on real-world password data from 249 participants, whether and how constructively participants changed their passwords after a breach announcement. Of the 249 participants, 63 had accounts on breached domains; only 33% of the 63 changed their passwords and only 13% (of 63) did so within three months of the announcement. New passwords were on average 1.3× stronger than old passwords (when comparing log10-transformed strength), though most were weaker or of equal strength. Concerningly, new passwords were overall more similar to participants' other passwords, and participants rarely changed passwords on other sites even when these were the same or similar to their password on the breached domain. Our results highlight the need for more rigorous password-changing requirements following a breach and more effective breach notifications that deliver comprehensive advice.

Index Terms: passwords, data breaches, security behavior

I. INTRODUCTION

Password breaches have been on the rise, affecting mainstream companies such as Yahoo! and gaming sites such as League of Legends and Neopets among others [11]. Stolen passwords have been largely exposed in insecure forms such as in plain text or by weak hashes (often unsalted or easily guessed through dictionary attacks) such as MD5 and SHA-1 hashes, leaving users vulnerable unless they change their passwords on the affected sites [11]. Additionally, when a company suffers a breach involving passwords, rarely are the users affected solely on the compromised domain [17]. Previous work has shown that, on average, a user exactly or partially reuses their passwords on over 50% of their accounts [17], [20], [35]. In such cases, when a person's password on one domain is compromised, they incur the risk that an attacker will be able to gain access to their other accounts that use similar or the same passwords. In order to make informed recommendations to companies on best risk mitigation practices after a breach, it is instructive to examine people's current password-changing behavior after breaches.

Prior work has explored problems related to data breaches and changing passwords, e.g., how people comprehend data breaches [27], [48], what factors make them more inclined to take action after breaches [27], [48], and how people change passwords in response to reuse notifications [23]. Researchers found that people were more likely to heed advice about actions after security breaches based on who was giving the advice and often underestimated the harm that could be incurred as a result of a compromise [27], [48]. Related to password changes, researchers found that very few of their participants in an online study reported intentions to change passwords after being notified that their passwords were compromised or reused, including because they believed in the "invincibility" of their passwords [23]. These studies are important to understand how to better inform people about the impact of data breaches and to understand people's mental models when it comes to taking action to protect themselves. However, we still lack an understanding of the actual extent, empirically measured, to which actions taken by companies to inform their users after a breach are effective.

We make a significant effort towards developing this understanding. We analyze longitudinal, real-world password data over two years to understand whether people change their passwords after a breach and the quality of these password changes. Specifically, we examine: (1) whether people with an account on a breached domain changed their passwords after the breach and how constructive these changes were; (2) the extent to which people changed similar passwords on domains other than the breached domains; and (3) how password changes related to breaches compare to all other password changes. Our dataset was collected from the home computers of 249 participants between Jan. 2017 and Dec. 2018 and includes all passwords used to log onto online services.

Of the 249 participants, 63 had accounts on one of the breached domains we studied and were active in the study at the time of the breach announcement and for three months after. We found that only 21 of the 63 participants changed their password after a breach announcement and only 15 did so within three months of the announcement. The majority of these changes were in response to a high-risk breach (i.e., the Yahoo! breach). We also found that only a minority of password changes were to stronger passwords and that new and old passwords shared a substring on average almost half the length of the longer of the two passwords.

Participants who changed passwords on the breached domains had on average 30 accounts with similar passwords. Of the 21 participants who changed passwords, 14 changed at least one similar password within a month of changing their password on the breached domain. These 14 changed, on average, only four similar passwords within that month.

As a baseline for the quality of password changes, we looked at all password changes made by the 249 participants over the two-year period. A large fraction (69.6%) of the password changes resulted in weaker or equal-strength passwords, and old and new passwords on average shared a substring 85.1% the length of the longer of the pair. Overall, the properties of password changes on breached domains were roughly similar to the properties of the baseline password changes, though on average resulted in more dissimilar passwords.

Our results suggest that current breach notifications are not effective, in that most users who are affected do not react sufficiently to mitigate their risk either on the breached domain or on others. Our results clearly indicate that more should be done, through breach notifications or other means, to induce users to change passwords both on the affected domain and especially on other domains, which users generally ignore. Similarly, additional means are needed to educate and encourage users to make their new passwords both strong and different from their existing passwords.
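As an added illustration (not code from the paper), the two quantities the results above rely on: the shared-substring similarity between an old and a new password, expressed as a fraction of the longer password's length, and the ratio of log10-transformed strength. The guess counts passed to `strength_ratio`, the 0.5 similarity cutoff and the sample passwords are constructed assumptions; the page does not name the strength estimator it used.

```python
import math


def longest_common_substring(a: str, b: str) -> int:
    """Length of the longest substring shared by a and b (row-by-row DP)."""
    best = 0
    prev = [0] * (len(b) + 1)
    for i in range(1, len(a) + 1):
        cur = [0] * (len(b) + 1)
        for j in range(1, len(b) + 1):
            if a[i - 1] == b[j - 1]:
                cur[j] = prev[j - 1] + 1
                best = max(best, cur[j])
        prev = cur
    return best


def shared_substring_ratio(old: str, new: str) -> float:
    """Shared-substring length as a fraction of the longer password's length,
    the similarity measure the paper reports (e.g. 85.1% for the baseline)."""
    longest = max(len(old), len(new))
    return longest_common_substring(old, new) / longest if longest else 0.0


def strength_ratio(old_guesses: float, new_guesses: float) -> float:
    """Ratio of log10-transformed strength, new over old.
    Guess counts (> 1) are an assumed input; any estimator can supply them."""
    assert old_guesses > 1 and new_guesses > 1, "guess counts must exceed 1"
    return math.log10(new_guesses) / math.log10(old_guesses)


def classify_change(old, new, old_guesses, new_guesses, max_similarity=0.5):
    """Label a change 'constructive' only when it is strictly stronger and not
    a near-copy of the old password (the 0.5 cutoff is an assumption)."""
    if strength_ratio(old_guesses, new_guesses) <= 1.0:
        return "weaker_or_equal"
    if shared_substring_ratio(old, new) > max_similarity:
        return "stronger_but_similar"
    return "constructive"


if __name__ == "__main__":
    # Constructed samples: a one-digit edit versus an unrelated replacement.
    print(classify_change("Summer2017!", "Summer2018!", 1e8, 1e9))
    print(classify_change("Summer2017!", "tr0ub4dor&3", 1e8, 1e11))
```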

II. RELATED WORK

A. Data breaches and security incidents

Prior work has studied how people hear about breaches [18], what people comprehend about data breaches [27], [48], and what makes them take action [27], [48]. Overall, they found that people are more willing to take action after a breach depending on their perceptions of tangible security benefits [27] and the source of advice about actions [48]. A study about breaches and consumers found that customers' spending at a retailer fell significantly after the retailer suffered a breach [26], while another survey found that only a minority of respondents would stop doing business with a company after a breach [13]. Other work has found that people react to security incidents involving accounts on a major social network in a variety of ways, from doing nothing to actively seeking out information [37]. Users can be alerted about breaches that affect them not just by the organizations that suffer breaches, but also by dedicated services like HaveIBeenPwned [11], LifeLock [9], and Enzoic [7]. Additionally, password managers such as LastPass [10] and the password manager built into Firefox [8] alert users if their logins are found in data breaches. Researchers recently created a privacy-preserving protocol by which clients can query breach repositories without revealing the actual credentials being queried [40].

B. Password-related behaviors

Several large-scale password studies have shown that password reuse is rampant [17], [20], [35], [44], finding that on average people reused over half their passwords [17], [35]. Other work showed that people have trouble managing their passwords and using password managers [36], which contributes to password reuse [39]. Recent work surveyed people's reactions to notifications that their password was compromised or was being reused on other sites and found that, when advised or required to change their passwords, less than a third of respondents reported any intention to comply [23]. Another study about defenses against credential stuffing (when an attacker uses lists of breached usernames and passwords to gain access on a large scale to several other websites) found that when participants were notified about credential breaches through a privacy-preserving breach querying protocol, 26% of the notifications caused participants to create passwords that were at least as strong as their previous ones [40]. Researchers have measured password-related behaviors in a variety of ways, e.g., by asking participants to install password-logging tools [20], [44] and analyzing breached passwords from publicly posted lists [12], [17] or privately collected datasets [32]. We leverage data collected through the Security Behavior Observatory (SBO) (see Section III), which captures detailed, real-world behavior of home computer users by instrumenting their operating systems and web browsers [21], [22], [35].

III. DATA COLLECTION AND DATASET

A. Data collection

We obtained data collected as part of the Security Behavior Observatory (SBO) project. The SBO is a data-collection infrastructure for a longitudinal study of the security behaviors of Windows computer users [21], [22], [35] that started data collection in October 2014 and ended in July 2019. The collected data includes information about system configuration, system events, operating system updates, installed software, and browser-related data such as browsing history, settings, and the presence of browser extensions. To collect this information, participants' home computers were instrumented with software that collects data via system-level processes and browser extensions. Specifically, the browser extensions were installed only in participants' Google Chrome and Mozilla Firefox browsers, and recorded every entry into an HTML input field at the time of browser events such as clicks, key presses, form submissions, and page loads. The SBO data collection and analysis (including this project) was approved by its institution's ethics review board.

The data analyzed in our study was collected from January 2017 to December 2018 and includes 249 participants who participated in the SBO study for at least 90 days during that period. Each participant was enrolled in the SBO study at