Research On Password Strength Meter Based On Group

Identity authentication is an important means to ensure the security of user information.Although there are multiple authentication methods such as bio-iris and fingerprints,text passwords will be the main authentication method for the foreseeable future due to their low cost and easy implementation.The weak awareness of user password security and the uneven meters of existing password strength make the password security situation increasingly severe.Password strength meter is an important part of password security research.The current password strength meters ignore the regional characteristics of passwords,and do not take the impact of regional groups on password generation into consideration.At the same time,as a mainstream method,password strength meter based on heuristic or probability model can only perform accurate strength evaluation on a specific type of password,so it lacks versatility.Therefore,this paper takes the lead in proposing the concept of “group password” to analyze the password characteristics of different groups,and on this basis,the password strength meter research is carried out.The main research work of this paper is as follows:1.Vulnerability analysis of group characteristics of large-scale real leaked passwords.This paper analyzes about 200 million passwords in 10 password databases at home and abroad.These passwords are divided into password groups by region,website service type,etc.,and the vulnerability analysis of group features is analyzed from the aspects of password length distribution,popular password,password reuse,etc.,which proves that different group passwords have different characteristics.For example,Sichuanese prefer to use "panda" as a password.2.In order to explore the impact of group characteristics on password generation,this paper proposes a password strength meter(AM-LSTM PSM)for groups.The meter uses the attention mechanism to learn the relationship between the group features and the password context features,and then processes the text passwords by using the long short-term memory model with the natural advantages of processing time series features,thereby improving the accuracy of password strength meter.Finally,the effectiveness of the password strength meter is verified by comparative experiments.3.In order to make the password strength meter universal,this paper proposes an ensemble learning-based group password strength meter(ELG PSM).The meter firstly uses the actual password data to train multiple password strength meters as the sub-models.Then the sub-models are used as the base learner for ensemble learning.The ensemble learning model combines the advantages of multiple base learners to show a higher accuracy and is more versatile.Finally,the effectiveness of the scheme is confirmed by experiments using multiple types of passwords.