A note on proactive password checking

10 September 2001

proceedings article
Published by Association for Computing Machinery (ACM)

p. 127-135
https://doi.org/10.1145/508171.508194

Abstract

Nowadays, proactive password checking algorithms are based on the philosophy of the dictionary attack, and they often fail to prevent some weak passwords with low entropy. In this paper, a new approach is proposed to deal with this new class of weak passwords by (roughly) measuring entropy. A simple example is given to exploit effective patterns to prevent low-entropy passwords as the first step of entropy-based proactive password checking.

Keywords

This publication has 4 references indexed in Scilit:

High dictionary compression for proactive password checking
ACM Transactions on Information and System Security, 1998
Proactive password checking with decision trees
Published by Association for Computing Machinery (ACM) ,1997
OPUS: Preventing weak password choices
Computers & Security, 1992
Space/time trade-offs in hash coding with allowable errors
Communications of the ACM, 1970