Investigating the Distribution of Password Choices
Malone, David and Maher, Kevin (2012) Investigating the Distribution of Password Choices. In: WWW '12 Proceedings of the 21st international conference on World Wide Web. ACM, New York, pp. 301-310. ISBN 978-1-4503-1229-5 AbstractIn this paper we will look at the distribution
with which passwords are chosen. Zipf’s Law
is commonly observed in lists of chosen words.
Using password lists from four different on-
line sources, we will investigate if Zipf’s law is
a good candidate for describing the frequency
with which passwords are chosen. We look at a
number of standard statistics, used to measure
the security of password distributions, and see
if modelling the data using Zipf’s Law produces
good estimates of these statistics. We then look
at the the similarity of the password distribu-
tions from each of our sources, using guessing
as a metric. This shows that these distributions
provide effective tools for cracking passwords.
Finally, we will show how to shape the distribu-
tion of passwords in use, by occasionally asking
users to choose a different password. | Additional Information: | Preprint version of original published paper. The definitive version of this paper is published in the WWW '12 Proceedings of the 21st international conference on World Wide Web (2012) doi>10.1145/2187836.2187878 |
|---|
| Keywords: | Distribution; Password Choices; Zipf’s Law; |
|---|
| Subjects: | Science & Engineering > Hamilton Institute |
|---|
| ID Code: | 3754 |
|---|
| Deposited By: | Dr. David Malone |
|---|
| Deposited On: | 13 Jun 2012 16:25 |
|---|
| Publisher: | ACM |
|---|
| Refereed: | No |
|---|
| URL: | http://www.acm.org/, http://www.hamilton.ie/ |
|---|
Repository Staff Only: item control page
|
![[img]](http://eprints.nuim.ie/style/images/fileicons/application_pdf.png)