Adaptive Password-Strength Meters from Markov Models

Claude Castelluccia 1 Durmuth Markus 2 Daniele Perito 1
1 PLANETE - Protocols and applications for the Internet
Inria Grenoble - Rhône-Alpes, CRISAM - Inria Sophia Antipolis - Méditerranée
Abstract : Measuring the strength of passwords is crucial to ensure the security of password-based authentication. However, current methods to measure password strength have limited accuracy, first, because they use rules that are too simple to capture the complexity of passwords, and second, because password frequencies widely differ from one application to another. In this paper, we present the concept of adaptive password strength meters that estimate password strength using Markov-models. We propose a secure implementation that greatly improves on the accuracy of current techniques.
Type de document :
Communication dans un congrès
NDSS 2012 - 19th Annual Network & Distributed System Security Symposium, Feb 2012, San Diego, United States. 2012
Liste complète des métadonnées

https://hal.inria.fr/hal-00747824
Contributeur : Claude Castelluccia <>
Soumis le : vendredi 2 novembre 2012 - 11:20:28
Dernière modification le : mercredi 11 avril 2018 - 01:56:24

Identifiants

  • HAL Id : hal-00747824, version 1

Collections

Citation

Claude Castelluccia, Durmuth Markus, Daniele Perito. Adaptive Password-Strength Meters from Markov Models. NDSS 2012 - 19th Annual Network & Distributed System Security Symposium, Feb 2012, San Diego, United States. 2012. 〈hal-00747824〉

Partager

Métriques

Consultations de la notice

897