Iliash Implementation of the password complexity diagnostic system

Abstract

Password diagnostic systems are becoming increasingly relevant in the modern world due to the growth of internet services and the need to protect personal data. Evaluating password complexity allows for assessing the strength of passwords against different types of attacks, including brute force, dictionary attacks, and other methods. In this work, a system for checking password complexity was developed, which takes into account new approaches to forming the uniqueness of the selected sequence of characters. As opposed to standard methods used in the most common password generating systems, such as length, the presence of special characters and numbers, and the use of upper and lower case letters, this work proposes to check for repetitions and matches with the most common passwords. For this purpose, a database of 10,000 passwords was connected to the developed system. To speed up the checking for matches, the Levenshtein distance algorithm was used. The Levenshtein algorithm works using dynamic programming. It considers two strings that need to be compared and creates a matrix that shows the minimum number of editing operations required to transform one string into the other. This implementation allowed for faster password generation compared to existing systems. The work details the algorithms for all the main stages of password complexity checking and proposes code implementation in Javascript. The Levenshtein algorithm can be useful for determining text similarity or searching for possible correct variants of misspelled words. It can also be used for implementing autocomplete in programs that use user input. The implemented system can be integrated into many different programs and web services for automatic password complexity determination, allowing for its use in various areas such as banking, medical services, and others. As a result of work on this project, it has been confirmed that using a password complexity diagnostic system can significantly reduce the risk of unauthorized access to systems containing important confidential information.