Applied Sciences (Oct 2021)

Strength Analysis of Real-Life Passwords Using Markov Models

  • Viktor Taneski,
  • Marko Kompara,
  • Marjan Heričko,
  • Boštjan Brumen

DOI
https://doi.org/10.3390/app11209406
Journal volume & issue
Vol. 11, no. 20
p. 9406

Abstract

Read online

Recent literature proposes the use of a proactive password checker as method for preventing users from creating easy-to-guess passwords. Markov models can help us create a more effective password checker that would be able to check the probability of a given password to be chosen by an attacker. We investigate the ability of different Markov models to calculate a variety of passwords from different topics, in order to find out whether one Markov model is sufficient for creating a more effective password checker. The results of our study show that multiple models are required in order to be able to do strength calculations for a wide range of passwords. To the best of our knowledge, this is the first password strength study where the effect of the training password datasets on the success of the model is investigated.

Keywords