Chunk-Level Password Guessing: Towards Modeling Refined Password Composition Representations
Ming Xu, Chuanwang Wang, Jitao Yu, Junjie Zhang, Kai Zhang, Weili Han
Abstract
Textual password security hinges on the guessing models adopted by attackers, in which a suitable password composition representation is an influential factor. Unfortunately, the conventional models roughly regard a password as a sequence of characters, or natural-language-based words, which are password-irrelevant. Experience shows that passwords exhibit internal and refined patterns, e.g., "4ever, ing or 2015", varying significantly among periods and regions. However, the refined representations and their security impacts could not be automatically understood by state-of-the-art guessing models (e.g., Markov).
Topics & Concepts
PasswordPassword strengthComputer scienceOne-time passwordZero-knowledge password proofCognitive passwordS/KEYComposition (language)Representation (politics)Computer securityNatural language processingTheoretical computer scienceLinguisticsPolitical scienceLawPhilosophyPoliticsUser Authentication and Security SystemsAdvanced Malware Detection TechniquesSpam and Phishing Detection