Affiliation:
1. Univ. di Torino, Turin, Italy
Abstract
The important problem of user password selection is addressed and a new proactive password-checking technique is presented. In a training phase, a decision tree is generated based on a given dictionary of weak passwords. Then, the decision tree is used to determine whether a user password should be accepted. Experimental results described here show that the method leads to a very high dictionary compression (up to 1000 to 1) with low error rates (of the order of 1%). A prototype implementation, called ProCheck, is made available online. We survey previous approaches to proactive password checking, and provide an in-depth comparison.
Publisher
Association for Computing Machinery (ACM)
Subject
Safety, Risk, Reliability and Quality,General Computer Science
Cited by
14 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. A password creation and validation system for social media platforms based on big data analytics;Journal of Ambient Intelligence and Humanized Computing;2019-01-22
2. What Lies Beneath? Analyzing Automated SSH Bruteforce Attacks;Technology and Practice of Passwords;2016
3. A Large-Scale Evaluation of High-Impact Password Strength Meters;ACM Transactions on Information and System Security;2015-06-09
4. Graphical passwords;ACM Computing Surveys;2012-08
5. Graphical Passwords;Threats, Countermeasures, and Advances in Applied Information Security;2012