C. Castelluccia, A. Chaabane, M. Durmuth, and D. Perito, When privacy meets security: Leveraging personal information for password cracking, Computing Research Repository, vol.6584, p.1304, 2013.

F. Damerau, A technique for computer detection and correction of spelling errors, Communications of the ACM, vol.7, issue.3, pp.171-176, 1964.
DOI : 10.1145/363958.363994

A. Das, J. Bonneau, M. Caesar, N. Borisov, and X. Wang, The Tangled Web of Password Reuse, Proceedings 2014 Network and Distributed System Security Symposium, 2014.
DOI : 10.14722/ndss.2014.23357

M. Durmuth, F. Angelstorf, C. Castelluccia, D. Perito, and A. Chaabane, OMEN: Faster Password Guessing Using an Ordered Markov Enumerator, Proceedings of the Seventh International Symposium on Engineering Secure Software and Systems, pp.119-132, 2015.
DOI : 10.1007/978-3-319-15618-7_10

S. Houshmand and S. Aggarwal, Building better passwords using probabilistic techniques, Proceedings of the 28th Annual Computer Security Applications Conference on, ACSAC '12, pp.109-118, 2012.
DOI : 10.1145/2420950.2420966

S. Houshmand, S. Aggarwal, and R. Flood, Next Gen PCFG Password Cracking, IEEE Transactions on Information Forensics and Security, vol.10, issue.8, pp.1776-1791, 2015.
DOI : 10.1109/TIFS.2015.2428671

Y. Li, H. Wang, and K. Sun, A study of personal information in human-chosen passwords and its security implications, IEEE INFOCOM 2016, The 35th Annual IEEE International Conference on Computer Communications, 2016.
DOI : 10.1109/INFOCOM.2016.7524583

K. Loge, The English Open Word List, Dreamsteep (dreamsteep. com/projects/the-english-open-word-list, p.2017

A. Narayanan and V. Shmatikov, Fast dictionary attacks on passwords using time-space tradeoff, Proceedings of the 12th ACM conference on Computer and communications security , CCS '05, pp.364-372, 2005.
DOI : 10.1145/1102120.1102168
URL : http://www.cs.utexas.edu/~shmat/shmat_ccs05pwd.ps

R. Shay, S. Komanduri, P. Kelley, P. Leon, M. Mazurek et al., Encountering stronger password requirements, Proceedings of the Sixth Symposium on Usable Privacy and Security, SOUPS '10, 2010.
DOI : 10.1145/1837110.1837113

A. Vance, If your password is 123456, just make it hackme, The New York Times, 2010.

D. Wang, Z. Zhang, P. Wang, J. Yan, and X. Huang, Targeted Online Password Guessing, Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS'16, pp.1242-1254, 2016.
DOI : 10.1145/1866307.1866328
URL : http://eprints.lancs.ac.uk/85017/1/ccs16.pdf

R. Waugh, No wonder hackers have it easy: Most of us now have 26 different online accounts ? but only five passwords, Daily Mail, 2102.

M. Weir, S. Aggarwal, M. Collins, and H. Stern, Testing metrics for password creation policies by attacking large sets of revealed passwords, Proceedings of the 17th ACM conference on Computer and communications security, CCS '10, pp.162-175, 2010.
DOI : 10.1145/1866307.1866327

M. Weir, S. Aggarwal, B. De-medeiros, and B. Glodek, Password Cracking Using Probabilistic Context-Free Grammars, 2009 30th IEEE Symposium on Security and Privacy, pp.391-405, 2009.
DOI : 10.1109/SP.2009.8

Y. Zhang, F. Monrose, and M. Reiter, The security of modern password expiration, Proceedings of the 17th ACM conference on Computer and communications security, CCS '10, pp.176-186, 2010.
DOI : 10.1145/1866307.1866328