Your Web News in One Place

Help Webnuz

Referal links:

Sign up for GreenGeeks web hosting
October 23, 2015 08:00 pm

An Algorithm For Better Password Checking

New submitter della writes: Password checkers — those things that tell you whether your password is strong or not — are good: various studies have found that they make users choose better passwords. Unfortunately, nowadays attackers use probabilistic strategies based on natural language processing to guess passwords earlier, and most checkers consist of heuristic rules that don't reflect well probabilistic attacks. To do better you could in theory simulate the attack, but if your password is not that bad, that would be very expensive or just unfeasible. In a paper I wrote with Maurizio Filippone and presented at ACM's CCS conference, we show how you can take an attack model and a password, and through a simple formula come up quickly with a reliable estimation of how many guesses that attack would need to guess the password. You can use this to roll a better password checker, or — as we've also done in the paper — to compare different attacks.

Read more of this story at Slashdot.


Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/hgzc5uJUAq0/an-algorithm-for-better-password-checking

Share this article:    Share on Facebook
View Full Article

Slashdot

Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..

More About this Source Visit Slashdot