Sign In

Communications of the ACM

ACM TechNews

Smarter Password Checker Lets You Compare With Others

View as: Print Mobile App Share:
username and password fields

Credit: Caroline Morley / New Scientist

Researchers at INRIA and Ruhr University have developed a system designed to rate passwords relative to those already stored in a Web site's database, rather than follow rules for password strength. The password strength checker can tell users if their password is among the weakest 5 percent on a site and encourage them to choose a stronger alternative.

Existing password strength checkers might offer vague strength messages based on the length or number of special characters, but the researchers' system focuses on each sequence of characters within a password and compares them to a site's database to see how often those sequences occur in other passwords.

However, experts note that comparing a password to others could be risky. The researchers say they never use an entire password for comparisons, only sequences of a certain length, and add that a certain amount of noise is included in sequences to make it difficult for database-stealing hackers to reconstruct a valid password.

From New Scientist
View Full Article


Abstracts Copyright © 2012 Information Inc., Bethesda, Maryland, USA


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account