Corpus ID: 63933670

An Investigation of Machine Learning for Password Evaluation

  title={An Investigation of Machine Learning for Password Evaluation},
  author={M Todd},
  • M. Todd
  • Published 2016
  • Computer Science
Introducing a Machine Learning Password Metric Based on EFKM Clustering Algorithm
A password strength metric using Enhanced Fuzzy K-Means clustering algorithm (EFKM) is introduced, able to recognize all the passwords from the OWASP as weak passwords only and regarding the leaked passwords, the metric recognizes almost the entire set of weak passwords. Expand
Nuevo modelo probabilístico en autenticación gráfica
La autenticacion es esencial en la seguridad de los modernos servicios digitales de procesamiento de informacion. Las contrasenas alfanumericas son las mas empleadas, pero poseen debilidades que lasExpand


10,000 Top Passwords
  • 20 June 2011. [Online]. Available: passwords/#more-269.
  • 2011
Can long passwords be secure and usable?
Among the longer policies, new evidence for a security/usability tradeoff is discovered, with none being strictly better than another on both dimensions, however, several policies are both more usable and more secure that the traditional policy the authors tested. Expand
Telepathwords: Preventing Weak Passwords by Reading Users' Minds
It is found that participants create far fewer weak passwords using the Telepathword-based policies than policies based only on character composition, and participants using Telepathwords were also more likely to report that the password feedback was helpful. Expand
An investigation of semantic patterns in passwords
This thesis presents the first framework for segmentation, semantic classification and semantic generalization of passwords and a model that captures the semantic essence of password samples and demonstrates that the knowledge captured by the model can be used to crack more passwords than the state-of-the-art approach. Expand
Guess Again (and Again and Again): Measuring Password Strength by Simulating Password-Cracking Algorithms
An efficient distributed method is developed for calculating how effectively several heuristic password-guessing algorithms guess passwords, and the relationship between guess ability, as measured with password-cracking algorithms, and entropy estimates is investigated. Expand
How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation
It was found that meters with a variety of visual appearances led users to create longer passwords, however, significant increases in resistance to a password-cracking algorithm were only achieved using meters that scored passwords stringently. Expand
Testing metrics for password creation policies by attacking large sets of revealed passwords
This paper attempts to determine the effectiveness of using entropy, as defined in NIST SP800-63, as a measurement of the security provided by various password creation policies, by modeling the success rate of current password cracking techniques against real user passwords. Expand
How Secure Is My Password
  • Small Hadron Collider, [Online]. Available: [Accessed July 2016].
  • 2016
The Quest to Replace Passwords : a Framework for Comparative Evaluation of Web Authentication Schemes
The goal of this paper is to evaluate two decades of proposals to replace text passwords, covering a wide range scenarios, in contrast with other evaluations that address very speci c environments and narrow scenarios. Expand
zxcvbn: Low-Budget Password Strength Estimation
  • Dan Wheeler
  • Computer Science
  • USENIX Security Symposium
  • 2016
For over 30 years, password requirements and feedback have largely remained a product of LUDS: counts of lowerand uppercase letters, digits and symbols. LUDS remains ubiquitous despite being aExpand