Adaptive Password-Strength Meters from Markov Models

Claude Castelluccia 1 Durmuth Markus 2 Daniele Perito 1
1 PLANETE - Protocols and applications for the Internet
Inria Grenoble - Rhône-Alpes, CRISAM - Inria Sophia Antipolis - Méditerranée
Abstract : Measuring the strength of passwords is crucial to ensure the security of password-based authentication. However, current methods to measure password strength have limited accuracy, first, because they use rules that are too simple to capture the complexity of passwords, and second, because password frequencies widely differ from one application to another. In this paper, we present the concept of adaptive password strength meters that estimate password strength using Markov-models. We propose a secure implementation that greatly improves on the accuracy of current techniques.
Document type :
Conference papers
Complete list of metadatas

https://hal.inria.fr/hal-00747824
Contributor : Claude Castelluccia <>
Submitted on : Friday, November 2, 2012 - 11:20:28 AM
Last modification on : Wednesday, April 11, 2018 - 1:56:24 AM

Identifiers

  • HAL Id : hal-00747824, version 1

Collections

Citation

Claude Castelluccia, Durmuth Markus, Daniele Perito. Adaptive Password-Strength Meters from Markov Models. NDSS 2012 - 19th Annual Network & Distributed System Security Symposium, ISOC, Feb 2012, San Diego, United States. ⟨hal-00747824⟩

Share

Metrics

Record views

1002