A novel multimodal method for the estimation of password strength was presented in Part I of this series of two papers. In the present article, the experimental framework used for the validation of the novel approach is described. The method is evaluated following a reproducible protocol which includes a three-dimensional approach: 1) deterministic assessment, 2) statistical assessment, and 3) on-going public assessment thanks to the release of an executable application that integrates the multimodal metric. The main experiment of the protocol compares, from a probabilistic point of view, the strength distributions assigned to passwords broken with increasingly advanced and complex attacking approaches, following the usual strategy in a typical password cracking session. In addition to its consistent results, the proposed method is highly flexible and can be adjusted to work on specific environments or adapted to a certain password policy. Furthermore, it can also evolve over time in order to naturally adjust to new password selection trends followed by users.
GALBALLY HERRERO Javier;
COISEL Iwen;
SANCHEZ MARTIN Jose Ignacio;
2017-10-24
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
JRC102425
1556-6013,
http://ieeexplore.ieee.org/document/7987763/,
https://publications.jrc.ec.europa.eu/repository/handle/JRC102425,
10.1109/TIFS.2017.2730359,
This document is only visible at the Commission level.
You are not authorized to publish or distribute it outside the European Commission.
This is a public document. You can share this publication.
Additional supporting files
| File name | Description | File type | |
|---|
