Title Slaptažodžių, kaip autorizavimo priemonės, saugumo analizė /
Translation of Title The security analysis of text-based passwords.
Authors Dervinis, Donatas
Full Text Download
Is Part of Role of higher education institutions in society: challenges, tendencies and perspectives: academic papers = Aukštųjų mokyklų vaidmuo visuomenėje: iššūkiai, tendencijos ir perspektyvos : mokslo darbai.. Alytus : Alytaus kolegija. 2017, Nr. 1 (6), p. 63-67.. ISSN 2029-9311
Keywords [eng] Length of passwords ; authorization ; hacking ; attack
Abstract [eng] Today’s many authentication for users (approx. 86%) are on text-based passwords. From past many users create passwords with length from 6 until 8 chars based major symbols: lowercase and number. Now already not enough – graphics processing unit (GPU) can to test 350 billion words per second. The password with 8 characters can be detected thru several hours. Many users (21%) changed own password 10 years ago. 40% of users use one password for all accounts. The object of research – text-based passwords. The aim of this research – analyze the security of password for users authentication. The data analysis (N=62 thous.) shown that 74% of password length until 8 symbols and 68% has only lowercase and uppercase. The experiment was made with 5 password groups: lowercase (total 26 symb.); lowercase and number (total 36 symb.); lowercase and uppercase (total 52 symb.); lowercase, uppercase and numbers (total 62 symb.); lowercase, uppercase numbers and other symbol (total 96 symb.). We set 24 hours threshold for “safe password”. The result shown that in brute force attack need minimum 12 symbols with lowercase password; 11 symbols with lowercase and number; 8 symbols length password is enough if are using all 96 possible symbols for password design. Next was calculated entropy of standard passwords which was based by mask. For example: 5 lowercase + 1 uppercase + 2 numbers + 2 other symbol – total password length 10 symbol. The result shown that “safe password” starting only from 11 sign length password with mask: 8 lowercase + 2 uppercase + 1 numbers. If need more secure password - detection time must increase 10 time, the password need increase by 1-2 extra symbols.
Published Alytus : Alytaus kolegija
Type Journal article
Language Lithuanian
Publication date 2017