Strength Analysis of Real-Life Passwords Using Markov Models

Recent literature proposes the use of a proactive password checker as method for preventing users from creating easy-to-guess passwords. Markov models can help us create a more effective password checker that would be able to check the probability of a given password to be chosen by an attacker. We...

Full description

Saved in:
Bibliographic Details
Published inApplied sciences Vol. 11; no. 20; p. 9406
Main Authors Taneski, Viktor, Kompara, Marko, Heričko, Marjan, Brumen, Boštjan
Format Journal Article
LanguageEnglish
Published Basel MDPI AG 01.10.2021
Subjects
Datasets
Information systems
Markov chains
Markov models
password analysis
password score
password strength
Passwords
Social networks
Sparsity
Online AccessGet full text

Cover

More Information
Summary:Recent literature proposes the use of a proactive password checker as method for preventing users from creating easy-to-guess passwords. Markov models can help us create a more effective password checker that would be able to check the probability of a given password to be chosen by an attacker. We investigate the ability of different Markov models to calculate a variety of passwords from different topics, in order to find out whether one Markov model is sufficient for creating a more effective password checker. The results of our study show that multiple models are required in order to be able to do strength calculations for a wide range of passwords. To the best of our knowledge, this is the first password strength study where the effect of the training password datasets on the success of the model is investigated.
ISSN:2076-3417
2076-3417
DOI:10.3390/app11209406