About passwords

18Citations
Citations of this article
34Readers
Mendeley users who have this article in their library.

Abstract

In our age of cyber war and cyber crime, it is critically important to select and use "good" passwords to protect user accounts. A well-known general rule says that passwords should contain a mix of letters, numbers, and special characters. In this paper I will show mathematically that this rule is a misbelief. Instead of this, the length is the significantly important attribute. Then I will analyse the most common password structures and give an estimation on the time requirements of brute force attacks. (Un)fortunately there are a lot of password lists originating from a lot of intrusions and data thefts to analyse, and we have the incredible results of the latest brute force experiments. On the basis of these calculations we can state that passwords can give us strong protection if we apply some simple rules, unless the password encoding algorithm of the operating system is too weak. It is worth the time and energy for mathematicians to develop stronger hash functions and OS manufacturers to apply them, but this is not discussed here, and nor is how password using habits have changed.

Cite

CITATION STYLE

APA

Keszthelyi, A. (2013). About passwords. Acta Polytechnica Hungarica, 10(6), 99–118. https://doi.org/10.12700/aph.10.06.2013.6.6

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free