Pass phrases that are grammatically correct are more vulnerable to the latest password cracking software.
http://arstechnica.com/security/2013/01/grammar-badness-makes-cracking-harder-the-long-password/
http://m.computerworld.com/s/article/9236227/_Andyhave3cats_is_a_better_password_than_Shehave3cats_study_finds / decreasing search space long phrases defeat recent advances password cracking bigger isn't necessarily better grammatical rules team Ph.D. graduate grad students Carnegie Mellon University Massachusetts Institute of Technology MIT developed algorithm targets passcodes minimum number characters freely available John the Ripper cracking program result much more efficient cracking passphrases followed commonly used grammatical rules ordering parts of speech in sequence determiner adjective noun tested against passwords containing characters grammar-aware cracker surpassed state-of-the-art password crackers passcodes grammatical structures dataset cracked algorithm security experts revising password policies combat growing sophistication modern cracking techniques average password weaker than ever before key strategy in making passwords more resilient longer passcodes passphrases memorable end user phrases or sentences grammatical structures dramatically narrow possible combinations sequences words crackers guess spaces removed order of magnitude weaker more tries to correctly guess Underlying structures research paper titled Effect of Grammar on Security of Long Passwords /
No comments:
Post a Comment