A New Targeted Online Password Guessing Algorithm Based on Old Password
Abstract: Password authentication is a widely used identity authentication method for computer supported cooperative systems. However, the frequent occurrence of password leakage incidents has become a universal problem, and the leaked passwords seriously threaten the security of users’ unleaked passwords. In order to gain a deeper understanding of the relationship between users’ old passwords and new passwords and help users choose a securer new password when their old passwords are leaked, we propose a new targeted online guessing algorithm, Targuess-II <sup>+</sup> , based on old password in this article. As a new probabilistic algorithm, Targuess-II <sup>+</sup> not only supports the application of strong transformation rules at any positions in a password, but also shows the transformation process from one password to another. Our analysis and experimental results have demonstrated that Targuess-II <sup>+</sup> obtains better performance in terms of crack rate and efficiency compared with other existing algorithms.
Loading