Password Cracking Based on Special Keyboard Patterns
Journal
International Journal of Innovative Computing, Information and Control
Journal Volume
8
Journal Issue
1A
Pages
387-402
Date Issued
2012-01
Author(s)
Abstract
Passwords are still the most commonly used mechanism for user authentication. However, they are vulnerable to dictionary attacks. In order to guard against such attacks, administrative policies force the use of complex rules to create passwords. One commonly used "trick" is to use keyboard patterns, i.e., key patterns on a keyboard, to create passwords that conform to the complex rules. This paper proposes an efficient and effective method to attack passwords generated from some special keyboard patterns. We create a framework to formally describe the commonly used keyboard patterns of adjacent keys and parallel keys, called AP patterns, to generate password databases. Our simulation results show that the password space generated using AP patterns is about 2 44.47 times smaller than that generated for a brute-force attack. We also design a hybrid password cracking system consisting of different attacking methods to verify the effectiveness. Our results show that the number of passwords cracked increases up to 114% on average than without applying AP patterns. © 2012 ICIC International.
Subjects
Brute-force attack; Dictionary attack; Keyboard pattern; Password cracking
SDGs
Other Subjects
Brute-force attack; Dictionary attack; Key Patterns; Keyboard pattern; Password cracking; User authentication; Authentication; Computer crime
Type
journal article