Title :
A probabilistic framework for improved password strength metrics
Author :
Galbally, Javier ; Coisel, Iwen ; Sanchez, Israel
Author_Institution :
Joint Res. Center, Eur. Comm., Ispra, Italy
Abstract :
Passwords are still the most widely deployed form of authentication for both local applications and on-line services. For several decades, password policies have aimed at measuring password strength using simple sets of rules in an attempt to guide the users towards the selection of stronger passwords. In this paper, we provide an alternative vision to the existing password strength metrics by proposing a new statistical approach that is better aligned with the actual resistance of passwords to guessing attacks. The proposed probabilistic framework is able to objectively measure the strength of a given password taking advantage of the information available in the several public datasets of passwords.
Keywords :
Markov processes; authorisation; probability; statistical analysis; guessing attacks; improved password strength metrics; on-line services; password policies; password selection; password strength metrics; probabilistic framework; public datasets; statistical approach; Analytical models; Computational modeling; Databases; Dictionaries; Markov processes; Measurement; Probabilistic logic; Dictionary attacks; Markov Chains; Password security; Password strength metrics;
Conference_Titel :
Security Technology (ICCST), 2014 International Carnahan Conference on
Conference_Location :
Rome
Print_ISBN :
978-1-4799-3530-7
DOI :
10.1109/CCST.2014.6986985
