High Dictionary Compression for Proactive Password Checking
Author(s): Francesco Bergadano, Bruno Crispo, Giancarlo Ruffo

Date: November 1998
Publication: ACM Transactions on Information and System Security (TISSEC), Volume 1, Issue 1
Page(s): 3 - 25
Publisher: ACM
Source 1: http://www.di.unito.it/~ruffo/bio/Papers/tissec98.pdf
Source 2: http://dx.doi.org/10.1145/290163.290164 - Subscription or payment required

The important problem of user password selection is addressed and a new proactive password-checking technique is presented. In a training phase, a decision tree is generated based on a given dictionary of weak passwords. Then, the decision tree is used to determine whether a user password should be accepted. Experimental results described here show that the method leads to a very high dictionary compression (up to 1000 to 1) with low error rates (of the order of 1%). A prototype implementation, called ProCheck, is made available online. We survey previous approaches to proactive password checking, and provide an in-depth comparison.

Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.

<-- Back to Authentication Research Paper Index

[Home] [About Us] [News] [Research]

Copyright © 2016 PasswordResearch.com