Abstract
This paper presents an adaptable password guessability service suited for different password generators according to what a user might need when using such a service. In particular, we introduce a flexible cloud-based software architecture engineered to provide an efficient and robust password guessability service that benefits from all the features and goals expected from cloud applications. This architecture comprises several components, featuring the combination of a synthetic dataset generator realized via a generative adversarial network (GAN), which may learn the distribution of passwords from a given dictionary and generate high-quality password guesses, along with a password guessability estimator realized via a password strength estimation algorithm. In addition to detailing the architecture’s components, we run a performance evaluation on the architecture’s key components, obtaining promising results. Finally, the complete application is delivered and may be used by a user to estimate the strength of a password and the time taken by an average computer to enumerate it.
Highlights
Online passwords security is an ongoing security problem due to constant attacks on online exposed services and the lack of safe behavior from users while connecting to those services, especially when users need to create and protect their passwords
The first adaptable password guessability service offered as a cloud-based service to benefit from all the features and goals expected for cloud applications, e.g., scalability and availability
This paper presents a micro-service architecture that can offer an adaptable password strength estimator through a Security as a Service model
Summary
Online passwords security is an ongoing security problem due to constant attacks on online exposed services and the lack of safe behavior from users while connecting to those services, especially when users need to create and protect their passwords. Attackers or hackers use techniques and tools for breaching and cracking passwords [5]. This problem represents a vulnerability to be exploited. It is necessary to develop a tool that allows the users to know how secure their password is, i.e., a tool a user can utilize for estimating the strength of a chosen password. Such a tool should leverage the best available resources to give the appropriate feedback to the users.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have