An analysis of CFG password against brute force attack for web applications

Abstract

In this paper, we report on a study of brute force attack on CFG passwords. Alphanumeric Passwords are the common and usual mode of authentication for a range of online login. Human proclivities in creating Password draw hackers and enthusiastic Password Crackers to crack down password easily using various techniques, with accessible computing power and available large number of tools. Common attacks on passwords are Brute force attack, Dictionary attack and Hybrid attack. A new method of Alphanumeric Password Authentication for user login is “CFG Password”. Context free Grammar Passwords are a class of Alphanumeric Password which differs uniquely from random passwords with certain specifications. CFG passwords are created using the model of the Context Free Grammar. This technique can be used as authentication for web applications. Analysis on CFG Password against Brute force attack is carried out using two open source tools. Comparative analysis has been carried out, based on that suggestions are given to create strong CFG Password for Secured System and where, how it can be used.