Unrevealed Patterns in Password Databases Part One: Analyses of Cleartext Passwords

In this paper we present a regression based analyses of cleartext passwords moving towards an efficient password cracking methodology. Hundreds of available databases were examined and it was observed that they had similar behavior regardless of their size: password length distribution, entropy, let...

Full description

Saved in:
Bibliographic Details
Published inTechnology and Practice of Passwords pp. 89 - 101
Main Authors Tihanyi, Norbert, Kovács, Attila, Vargha, Gergely, Lénárt, Ádám
Format Book Chapter
LanguageEnglish
Published Cham Springer International Publishing 2015
SeriesLecture Notes in Computer Science
Subjects
Cracking method
Password analyzing
Patterns
Online AccessGet full text

Cover

More Information
Summary:In this paper we present a regression based analyses of cleartext passwords moving towards an efficient password cracking methodology. Hundreds of available databases were examined and it was observed that they had similar behavior regardless of their size: password length distribution, entropy, letter frequencies form similar characteristics in each database. Exploiting these characteristics a huge amount of cleartext passwords were analyzed in order to be able to design more sophisticated brute-force attack methods. New patterns are exposed by analyzing millions of cleartext passwords.
ISBN:3319241915
9783319241913
ISSN:0302-9743
1611-3349
DOI:10.1007/978-3-319-24192-0_6