N. Memon, How biometric authentication poses new challenges to our security and privacy, IEEE Signal Processing Magazine, vol.34, issue.4, pp.196-194, 2017.

G. C. Batista, C. C. Miers, G. P. Koslovski, M. A. Pillon, N. M. Gonzalez et al., Using Externals IdPs on OpenStack: A Security Analysis of OpenID Connect, Facebook Connect, and OpenStack Authentication, IEEE 32nd International Conference on Advanced Information Networking and Applications -AINA, vol.00, pp.920-927, 2018.

B. Jensen, 5 myths of password security, pp.2017-2029, 2013.

W. Ma, J. Campbell, D. Tran, and D. Kleeman, Password entropy and password quality, 4th International Conference on Network and System Security, pp.583-587, 2010.

J. Bonneau, The science of guessing: Analyzing an anonymized corpus of 70 million passwords, IEEE Symposium on Security and Privacy, pp.538-552, 2012.

R. Shay, S. Komanduri, P. G. Kelley, P. G. Leon, M. L. Mazurek et al., Encountering stronger password requirements: User attitudes and behaviors, Proceedings of the 6th Symposium on Usable Privacy and Security, ser. SOUPS '10, pp.1-20, 2010.

B. Ur, F. Noma, J. Bees, S. M. Segreti, R. Shay et al., I added '!'at the end to make it secure: Observing password creation in the lab, Proceedings of the 11th symposium on usable privacy and security, 2015.

P. Lipa, The security risks of using "forgot my password" to manage passwords, 2016.

S. Gressin, The equifax data breach: What to do, 2017.

M. Blum and S. S. Vempala, Publishable humanly usable secure password creation schemas, 3rd AAAI Conference on Human Computation and Crowdsourcing, 2015.

W. Melicher, D. Kurilova, S. M. Segreti, P. Kalvani, R. Shay et al., Usability and security of text passwords on mobile devices, Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems, ser. CHI '16, pp.527-539, 2016.

S. M. Segreti, W. Melicher, S. Komanduri, D. Melicher, R. Shay et al., Diversify to survive: Making passwords stronger with adaptive policies, 13th Symposium on Usable Privacy and Security -SOUPS, pp.1-12, 2017.

J. Marquardson, Password policy effects on entropy and recall: Research in progress, Americas Conference on Information Systems, 2012.

W. Yang, N. Li, O. Chowdhury, A. Xiong, and R. W. Proctor, An empirical study of mnemonic sentence-based password generation strategies, Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS '16, pp.1216-1229, 2016.

J. Bonneau and E. Shutova, Linguistic properties of multi-word passphrases, International Conference on Financial Cryptography and Data Security, pp.1-12, 2012.

M. Keith, B. Shao, and P. J. Steinbart, The usability of passphrases for authentication: An empirical field study, International journal of human-computer studies, vol.65, issue.1, pp.17-28, 2007.

R. Shay, S. Komanduri, A. L. Durity, P. S. Huh, M. L. Mazurek et al., Can long passwords be secure and usable, Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, ser. CHI '14, pp.2927-2936, 2014.

D. R. Pilar, A. Jaeger, C. F. Gomes, and L. M. Stein, Passwords usage and human memory limitations: A survey across age and educational background, PLoS One, vol.7, issue.12

. Centrify, Centrify password survey: Summary, Centrify, Tech. Rep, 2014.

P. Lambert, 6) The case of case-insensitive passwords, 2012.

R. Chatterjee, A. Athayle, D. Akhawe, A. Juels, and T. Ristenpart, pASSWORD tYPOS and how to correct them securely, IEEE Symposium on Security and Privacy, pp.799-818, 2016.

R. Chatterjee, J. Woodage, Y. Pnueli, A. Chowdhury, and T. Ristenpart, The typtop system: Personalized typo-tolerant password checking, Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS '17, pp.329-346, 2017.

N. K. Blanchard, Password typo correction using discrete logarithms, 8th International Conference on Computer Science and Communication Engineering, 2019.
URL : https://hal.archives-ouvertes.fr/hal-02550719

J. Woodage, R. Chatterjee, Y. Dodis, A. Juels, and T. Ristenpart, A new distribution-sensitive secure sketch and popularity-proportional hashing, Advances in Cryptology -CRYPTO, pp.682-710, 2017.

S. Sun and K. Beznosov, The Devil is in the (Implementation) Details: An Empirical Analysis of OAuth SSO Systems, Proceedings of the 2012 ACM Conference on Computer and Communications Security, ser. CCS '12, pp.378-390, 2012.

B. Herzog and Y. Balmas, Great crypto failures, Virus Bulletin Conference, 2016.

F. J. Damerau, A technique for computer detection and correction of spelling errors, Communications of the ACM, vol.7, issue.3, pp.171-176, 1964.

G. Brassard and S. Kannan, The generation of random permutations on the fly, Information Processing Letters, vol.28, issue.4, pp.207-212, 1988.

P. E. Black, Fisher-yates shuffle, Dictionary of algorithms and data structures, vol.19, 2005.

P. Institute, The cost of credential stuffing, 2017.

R. Wash, E. Rader, R. Berman, and Z. Wellmer, Understanding password choices: How frequently entered passwords are re-used across websites, 12th Symposium on Usable Privacy and Security -SOUPS, pp.175-188, 2016.

M. Pinola, Your clever password tricks aren't protecting you from today's hackers, 2014.

M. Sprengers, Gpu-based password cracking, 2011.

G. Bertoni, J. Daemen, M. Peeters, and G. Van-assche, On the indifferentiability of the sponge construction, Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp.181-197, 2008.

B. Kaliski, Pkcs# 5: Password-based cryptography specification version 2.0, RFC Editor, 2000.

A. Biryukov, D. Dinu, and D. Khovratovich, Argon2: new generation of memory-hard functions for password hashing and other applications, IEEE European Symposium on Security and Privacy -EuroS&P, pp.292-302, 2016.

A. Vance, If your password is 123456, just make it hackme, 2010.

P. G. Kelley, S. Komanduri, M. L. Mazurek, R. Shay, T. Vidas et al., Guess again (and again and again): Measuring password strength by simulating password-cracking algorithms, IEEE Symposium on Security and Privacy, pp.523-537, 2012.

W. E. Burr, D. F. Dodson, and T. W. Polk, Nist special publication 800-63-2, Electronic Authentication Guideline, vol.1, 2004.

S. Deering and R. Hinden, Rfc 2460-internet protocol, version 6 (ipv6) specification, 1998.

. Antelle, Argon2 in browser, 2018.

A. Rossberg, Webassembly: high speed at low cost for everyone, ML16: Proceedings of the 2016 ACM SIGPLAN Workshop on ML, 2016.