Understanding User Passwords through Password Prefix and Postfix (P3) Graph Analysis and Visualization
Date: April 12 2019
Publication: International Journal of Information Security
Page(s): 1 - 17
Source 1: http://people.cst.cmich.edu/liao1q/papers/P3.pdf
Source 2: https://doi.org/10.1007/s10207-019-00432-3 - Subscription or payment required
Abstract or Summary:
While other authentication methods exist, passwords are still the dominant way for user authentication and system security. Over the years, passwords have become long and complex thanks to security policy and awareness. However, the security of user passwords remains unclear. Therefore, understanding users passwords is vital to improve the strength of passwords and system security in general. In this paper, we investigate one specific pattern, i.e., the prefix and postfix of user passwords. To facilitate password prefix and postfix (P3) analysis, we propose both hierarchical segmentation / optimization algorithms and password prefix/postfix graphs (P3G) construction and P3G visualizations. Through case study over real-world user passwords, we demonstrate P3 analysis and visualization are effective in identifying unique patterns for different user categories. The results suggest strong correlations between prefix/postfix and their context in user passwords.
Do you have additional information to contribute regarding this research paper? If so, please email firstname.lastname@example.org with the details.