Modified Password Guessing Methods Based on TarGuess-I

Xie, Zhijie; Zhang, Min; Guo, Yuqi; Li, Zhenhan; Wang, Hongjun

doi:10.1155/2020/8837210

Cited by 5 publications

(1 citation statement)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Some of the renowned tools are Password Meter (PM, 2008), Microsoft Password Checker (MPC, 2008), Google Password Meter (GPM, 2008), etc [3]. Also, few passwords guessing tools are also available such as HashCat, PassGAN [4], TarGuess I-IV [5] etc. Generally password guidelines are a low-cost solution to the problem of improving the security and usability of text-based passwords [6].…”

Section: Introductionmentioning

confidence: 99%

Building a Multi-class Password Strength Generator and Classifier Model by Augmenting Supervised Machine Learning Techniques

Sakya

Mauparna

2022

Preprint

View full text Add to dashboard Cite

In the current scenario, password is the most indispensable authentication mechanism with respect to any system security. Although a plethora of authentication methods are available now-a-days which provides improved security such as biometrics and smart cards but still the password authentication mechanism is auspicious to everyone for the enhanced system security along with the ease of implementation. On account of the conventional pattern of passwords, these are exposed to different types of vulnerabilities. Generally, human beings prefer to set a password related to their birth place, date of birth, keyboard patterns, dictionary words etc. The online or offline attackers can guess these passwords easily and intrude the system security. The diverse varieties of password cracking tools available are primarily based on guessing of passwords, irrespective of the fact that it may be online or offline. The bulk of these tools can easily crack such accounts possessing weak password or password with some common patterns. So, every organization must ensure to govern a policy regarding the implementation of strong passwords since the usage of strong passwords will reduce the different types of vulnerabilities. In the proposed work, at first the dataset employed in the study has been generated by implementing a password generator and secondly, the password strength prediction is modeled as a classification task through the implementation of multiple supervised machine learning algorithms. These algorithms are utilized for the training and testing purpose of the dataset. However, during the testing phase, the XGBoost algorithm outperforms the other machine learning algorithms with an accuracy of 94\%. The primary contribution of this work is the generation of the dataset by employing a password generator followed by the application of some machine learning algorithms like Adaboost, XGBoost(XGB), Stochastic Gradient Descent (SGD) and Multilayer Perceptron (MLP) during the training and testing phase which has not been considered in similar other works. The final results divulge that machine learning approaches have plenty of capabilities to categorize the various types of passwords into different classes such as very weak, weak, medium, strong, very strong.

show abstract

Section: Introductionmentioning

confidence: 99%