Evaluation of Leet Speak on Password Strength and Security

Abstract

Making secure passwords is one of the biggest challenges in everyday life. There are numerous rules and requirements making passwords complex and hard to remember, and keeping track of which password is for which account is a major hassle. According to an article from HelpNetSecurity, statistics show that an alarming “78% of respondents required a password reset in their personal life within the last 90 days” ("78% of people"). In recent years, leet speak has become increasingly popular as a way to create memorable passwords. Leet speak is a convenient method for users to create passwords that meet password requirements in many services. But there has been increasing debate on whether this approach is a secure and safe method or not. This paper aims to solve this debate by effectively evaluating the strength of ordinary passwords and leet passwords using various means. With the help of password cracking or recovery tools and password strength classifiers, this paper will compare the cracking time and strength scores of ordinary passwords and leet converted passwords. The paper will begin with a background information section explaining important concepts discussed in the paper, followed by the methodology of the experiment, a presentation of the data along with the evaluation of the results, and a conclusion at the end.