Abstract
User-created strong passwords are the key to guaranteeing the security of password authentication. In practice, users often choose passwords that feel safe and that they can remember easily. However, the user's perception of the strength of passwords is inconsistent with the actual strength of these passwords. To encourage users to create strong passwords, many websites use password meters to visualize the strengths of user-chosen passwords, whereas the existing password meters have limited accuracy. The state-of-the-art password-guessing approaches have high accuracy in testing the strengths of passwords, but these algorithms are not suitable for detecting user password strength directly on the client side, due to the long running time and the data storage problem. In this paper, we propose a lightweight password-strength estimation method (LPSE). By testing the strong and weak passwords selected by a state-of-the-art password cracking-algorithm, we observed that our LPSE algorithm is superior to the existing lightweight password-strength estimation algorithms in the accurate identification of strong passwords and weak passwords. Moreover, the LPSE algorithm requires notably little storage space and is sufficiently fast for client-side measurement of password strength.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
