manncr / Password-Strengths-cs478

We will create a password strength demo that tests a given password live against 5-10 different strength tests and gives results for each one.

Papers and sources #1

Open manncr opened 4 years ago

manncr commented 4 years ago

Put them links in here

manncr commented 4 years ago

This paper discusses a few different attack approaches to passwords, a few metrics like entropy, Levenshtein distance, and complexity, and compares the password strength meters of several services like PayPal and FedEx:

https://www.researchgate.net/publication/318154948_On_Password_Strength_A_Survey_and_Analysis

jemisonf commented 4 years ago

This evaluates a really long list of password strength meters and lists their different criteria: https://dl.acm.org/doi/abs/10.1145/2739044

jemisonf commented 4 years ago

OWASP recommendations: https://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.html#implement-proper-password-strength-controls

cryarr commented 4 years ago

CMU's data-driven password strength meter: https://www.cs.cmu.edu/~pemamina/publication/CHI'17/p3775-ur.pdf

cryarr commented 4 years ago

Effects of password checkers on making your password: https://www.archive.ece.cmu.edu/~lbauer/papers/2012/usenix2012-meters.pdf

manncr commented 4 years ago

Article overviewing 5 algorithm approaches for testing password strength: https://nulab.com/blog/tech/password-strength/

manncr commented 4 years ago

For interpreting entropy score into a strength: http://iocane.com.au/talking-passwords-and-entropy/