A state-of-the-art password strength analysis demonstrator

Nico van Heijningen
CMI-Program Technical Informatics – Rotterdam University
Rotterdam University, 2013


   title={A state-of-the-art password strength analysis demonstrator},

   author={van Heijningen, Nico},



Download Download (PDF)   View View   Source Source   



Due to recent developments: leaks of large lists of user passwords (e.g. LinkedIn), new probabilistic password cracking techniques and the introduction of password cracking using GPUs. Passwords can now be cracked faster than ever before. The leaked password lists have been analyzed by hackers and common patterns found inside the passwords are being exploited to crack others. We have analyzed a collection of these leaked password lists and generated a list of the most common patterns in a probabilistic order furthermore, we compared the distribution of characters inside passwords to that of English text. Next we have built a state-of-the-art password strength analysis demonstrator that is able to show which of these common patterns are contained inside a password and why it could be considered a "weak" password. The demonstrator is modeled after the realistic scenario of an automated password cracking attack and passwords that assessed "strong" should therefore "survive" such an attack. We are convinced our demonstrator is an improvement over the current password strength measurements because it results in a lesser "false sense of security" amongst its users and helps them make their passwords more resistant against such attacks.
No votes yet.
Please wait...

* * *

* * *

HGPU group © 2010-2021 hgpu.org

All rights belong to the respective authors

Contact us: