On the Semantic Patterns of Passwords and their Security Impact
Download: Paper (PDF)
Date: 22 Feb 2014
Document Type: Briefing Papers
Additional Documents: Slides
Associated Event: NDSS Symposium 2014
Abstract:
We present the first framework for segmentation, semantic classification and generalization of passwords and demonstrate how probabilistic grammars encoding the semantics of password samples can lead to better cracking results than the state-of-the-art method. In sessions of 3 billion guesses, we guess approximately 67% more passwords from the LinkedIn leak and 32% more passwords from the MySpace leak.