High Dictionary Compression for Proactive Password Checking

F. Bergadano, B. Crispo and G. Ruffo

Università di Torino, Italy

Abstract

The important problem of user password selection is addressed and a new proactive password checking technique is presented. In a training phase, a decision tree is generated based on a given dictionary of weak passwords. Then, the decision tree is used to determine whether a user password should be accepted. Experimental results described here show that the method leads to very high dictionary compression with low error rates . We survey previous approaches to proactive password checking, and provide an in-depth comparison.

[Full version of the paper]