Closed dbosk closed 7 years ago
We can add this to the lab [pwdguess] and this can later be discussed during the seminar [pwdpolicies] as well, and the insights can contribute to what we do there.
The infotheory module provides the theoretical basis for this.
It adds little to have this in the lab too. It's of more value in the seminar only.
Extend
pwdguess
to estimate how much easier a password is to guess knowing the policy. This should be possible by computing the reduction in entropy that the policy yields.This shows the importance of studying every password-composition policy before using it. It connects well with the usable passwords papers they should read in
pwdpolicies
.