Preventing Weak Password Choices

نویسنده

  • Eugene H. Spafford
چکیده

A common problem with systems that use passwords for authentication results when users choose weak passwords. Weak passwords are passwords that arc easy to guess, or likely to be found in a dictionary attack. Thus, the choice of weak passwords may lead to system compromisation. Methods exist to prevent users from selecting and using weak passwords. One common method is to compare user choices against a list ofunRcceptable words. The problem with. this approach is the amount of space required to store even a modest-sized dictionary of prohibited password choices. This paper describes a space-efficient method of storing a didionary of words that are not allowed as password choices. Lookups in the didionary are 0(1) (constant time) no maHer how many words are in the didionary. The mechanism described has other interesting features, a few of which are described here.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

OPUS: Preventing weak password choices

A common problem with systems that use passwords for authentication is that users choose weak passwords. Weak passwords are passwords that are easy to guess, simple to derive, or likely to be found in a dictionary attack. Thus, the choice of weak passwords may lead to a compromised system. Methods exist to prevent users from selecting and using weak passwords. One commonmethod is to compare use...

متن کامل

A New Approach towards Secure Password Authentication Based on CARP

The Most of the protected resources are based on difficult math issues. How to use hard Artificial Intelligence issues for protection is growing as an exciting new paradigm, but has been under-explored. We apply a new protection resource are based on hard personal Artificial Intelligence issues. CARP also provides a new technique to address the famous image hotspot issue in popular graphical pa...

متن کامل

From Very Weak to Very Strong: Analyzing Password-Strength Meters

Millions of users are exposed to password-strength meters/checkers at highly popular web services that use userchosen passwords for authentication. Recent studies have found evidence that some meters actually guide users to choose better passwords—which is a rare bit of good news in password research. However, these meters are mostly based on ad-hoc design. At least, as we found, most vendors d...

متن کامل

An Empirical Investigation: Health Care Employee Passwords and Their Crack Times in Relationship to HIPAA Security Standards

The purpose of this article is to examine the passwords selected by health care professionals and the security and privacy standards in relationship to those passwords as addressed by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Examinations of these passwords have illustrated the connectivity between password length and strength and the need to educate employees as ...

متن کامل

Private Password Auditing - Short Paper

Passwords are the foremost mean to achieve data and computer security. Hence, choosing a strong password which may withstand dictionary attacks is crucial in establishing the security of the underlying system. In order to ensure that strong passwords are chosen, system administrators often rely on password auditors to filter weak password digests. Several tools aimed at preventing digest misuse...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2013