Back to Search
Start Over
A New Multimodal Approach for Password Strength Estimation—Part II: Experimental Evaluation
- Source :
- IEEE Transactions on Information Forensics and Security. 12:2845-2860
- Publication Year :
- 2017
- Publisher :
- Institute of Electrical and Electronics Engineers (IEEE), 2017.
-
Abstract
- A novel multimodal method for the estimation of password strength was presented in Part I of this series of two papers. In this paper, the experimental framework used for the evaluation of the novel approach is described. The method is evaluated following a reproducible protocol, which includes a three-dimensional approach: 1) deterministic assessment; 2) statistical assessment; and 3) third parties assessment (thanks to the availability upon request of an executable application that integrates the multimodal meter). The key experiment of the protocol compares, from a probabilistic point of view, the strength distributions assigned to passwords broken with increasingly complex attacking approaches, following a common strategy in a typical password cracking session. The experimental evaluation is carried out not only for the new meter, but also for other strength estimators from the state of the art, comparing their overall performance. In addition to its consistent results, the proposed method is highly flexible and can be adjusted to specific environments or to a certain password policy. Furthermore, it can also evolve over time in order to naturally adjust to new password selection trends followed by users.
- Subjects :
- Password
021110 strategic, defence & security studies
Password policy
Computer Networks and Communications
Computer science
business.industry
0211 other engineering and technologies
Password cracking
02 engineering and technology
Machine learning
computer.software_genre
Password strength
020204 information systems
0202 electrical engineering, electronic engineering, information engineering
Key (cryptography)
Data mining
Artificial intelligence
Safety, Risk, Reliability and Quality
business
computer
Protocol (object-oriented programming)
Subjects
Details
- ISSN :
- 15566021 and 15566013
- Volume :
- 12
- Database :
- OpenAIRE
- Journal :
- IEEE Transactions on Information Forensics and Security
- Accession number :
- edsair.doi...........dbbee2234a7dfa95bf9dd5747516bcb5