
computers & security 73 (2018) 507–518
Available online at www.sciencedirect.com
ScienceDirect
journal homepage: www.elsevier.com/locate/cose

LPSE: Lightweight password-strength estimation for password meters

Yimin Guo *, Zhenfeng Zhang
Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing, China

ARTICLE INFO

Article history:
Received 20 April 2017
Received in revised form 7 July 2017
Accepted 11 July 2017
Available online 21 December 2017

Keywords:
Password meter
Password-strength estimation
Cosine-length similarity
Edit-length similarity
Password guessing

ABSTRACT

User-created strong passwords are the key to guaranteeing the security of password authentication. In practice, users often choose passwords that feel safe and that they can remember easily. However, the user's perception of the strength of passwords is inconsistent with the actual strength of these passwords. To encourage users to create strong passwords, many websites use password meters to visualize the strengths of user-chosen passwords, whereas the existing password meters have limited accuracy. The state-of-the-art password-guessing approaches have high accuracy in testing the strengths of passwords, but these algorithms are not suitable for detecting user password strength directly on the client side, due to the long running time and the data storage problem. In this paper, we propose a lightweight password-strength estimation method (LPSE). By testing the strong and weak passwords selected by a state-of-the-art password-cracking algorithm, we observed that our LPSE algorithm is superior to the existing lightweight password-strength estimation algorithms in the accurate identification of strong passwords and weak passwords. Moreover, the LPSE algorithm requires notably little storage space and is sufficiently fast for client-side measurement of password strength.

© 2017 Elsevier Ltd. All rights reserved.
* Corresponding author. E-mail address: [email protected] (Y. Guo).
https://doi.org/10.1016/j.cose.2017.07.012
0167-4048/© 2017 Elsevier Ltd. All rights reserved.

1. Introduction

Password authentication is the first line of defense in protecting network systems. Text passwords are a common form of authentication (Stobert and Biddle, 2014). To ensure the security of text-password authentication, many systems require users to choose strong passwords. User-created passwords are easy to remember, but are also vulnerable to guessing attacks (Das et al., 2014; Stobert and Biddle, 2014; Ur et al., 2016; Wash et al., 2016). To prevent the emergence of weak passwords, system administrators have adopted a variety of measures, including system-assigned passwords (Al-Ameen et al., 2015; Huh et al., 2015) and strict password composition policies (Inglesant and Sasse, 2010; Shay et al., 2016; Weir et al., 2010). System-assigned passwords can be hard to guess, but they are also difficult to remember for users. Password composition policies require that each password meet certain requirements (e.g. at least 8 characters in length and at least three of four character classes), which can also make passwords difficult to guess (Komanduri et al., 2011). However, a strict password composition policy can lead to user frustration, and the user may choose the password in a simple and predictable way to meet the policy requirements (Komanduri et al., 2011; Shay et al., 2010). Another way to permit users to select strong passwords is to employ proactive password checking (Bishop and Klein, 1995). Recently, proactive password checkers are being deployed as password meters on many websites to encourage users to choose strong passwords (Shay et al., 2015). The password meter is usually a visual representation of password strength on the screen with text and color bars.

Evidence shows that users are influenced by password meters in their password choices when informed about password strength (Egelman et al., 2013; Ur et al., 2012). Ur et al. (2012) found that various visual password meters encourage users to create longer passwords. The password meters also affect the users' act of password creation, and lead users to choose different characters with which to build their passwords, such as digits, special symbols, and uppercase letters.

To help users choose stronger passwords, many websites have deployed password meters to provide visual feedback on password strength. However, previous studies have shown that the existing password meters have limited accuracy, as they often label weak passwords as strong and mark strong passwords as weak (Castelluccia et al., 2012), and different password meters give highly inconsistent strength outcomes for the same password (de Carnavalet and Mannan, 2014, 2015; Ji et al., 2015). The limited accuracy of existing password meters may confuse users in choosing a stronger password. Most of the existing password meters are deployed on either the server or the client, and they employ rule-based methods to measure password strength. Simple rule-based strength-estimation algorithms cannot capture the complexity of passwords, making it difficult to accurately estimate the strengths of given passwords (Melicher et al., 2016). Recent research (de Carnavalet and Mannan, 2015; Melicher et al., 2016) shows that the zxcvbn algorithm (Wheeler, 2016) uses some reasonable evaluation rules, and gives more accurate strength estimates than other rule-based password-strength algorithms.

It is a challenging task to design a password-strength evaluation method that is suitable for password meters. Due to the complexity of passwords, there are still some deviations in strength measurements of the same password using the most advanced password-guessing techniques (Ur et al., 2015). We believe that an efficient lightweight password meter should be capable of accurately determining the strength of a proposed password on the user's client machine. There are security and latency problems with the password meters deployed on the server side (Melicher et al., 2016; Van Acker et al., 2015). If the password-strength estimation is done on the client side, it is necessary to run the password-strength meter in real time with small storage. de Carnavalet and Mannan (2015) suggest that several factors must be considered in designing a high-accuracy password checker: inherent patterns in user choice, dictionaries used in cracking tools, exposure of large password databases, and user adaptation against password policies. Designing such a password checker would apparently be a difficult task. One cannot know what dictionaries the attackers are using, nor can one know all the leaked password databases. To simplify these challenges, de Carnavalet and Mannan (2015) suggest that the primary goal of password meters is only to detect weak passwords by leveraging known password-cracking techniques and common password dictionaries. …niques are computationally intensive, require a large amount of storage space, and are not suitable for deployment on the client side for measuring password strength (Kelley et al., 2012; Melicher et al., 2016). It is also not appropriate to adopt a common password dictionary on the client side, because a common password dictionary not only needs some storage space but also increases the searching time of the password-evaluation algorithms. In addition, a common password dictionary includes words in only one language, and the most common words in passwords in other languages are not recognized.

To evaluate accurately the strengths of user-created passwords in real time, we propose a lightweight password-strength estimation method (LPSE) that is suitable for running entirely on the client side. LPSE measures the strength of a password by comparing the similarity in the structure and the distance between a given password and a standard strong password. A large number of strong passwords and weak passwords, selected by the state-of-the-art password-cracking algorithm, were tested. We found that the similarity-evaluation method can more fully capture the strong and weak password features and can determine the password strength more accurately than the existing password-strength meters.

Our main contributions are the following.

(1) We represent passwords by vectors that contain the components of the different character types and lengths that make up the password. By determining the similarity between a given password vector and the standard strong-password vector in terms of structure, vector modulus and password distance, it can accurately capture the characteristics of a given password from multiple perspectives.

(2) The password-evaluation method proposed in this paper is lightweight: it not only can accurately identify the password strength but also has such advantages as small storage space, fast running speed, and ease of implementation. It is suitable for client-side password checking.

(3) The accuracies of our scheme and several existing schemes are evaluated by performing a number of experiments. We compared the impacts of these schemes on the usability and security of user-chosen passwords, and found that LPSE has the lowest false-negative rate in determining the password strength.

2. Related work

There are two primary ways to measure password strength. The first approach relies on the complexity of the password itself, such as evaluating password strength as Shannon entropy (Bonneau et al., 2015; Lin,
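The vector-similarity idea sketched in the abstract and in contribution (1) above, as an added illustration that is not the paper's LPSE code: this excerpt does not give LPSE's exact vector layout, its standard strong password, its weights or its cut-offs, so the four character classes, the constructed reference password, the three terms (cosine similarity of class-count vectors for structure, a length ratio for the vector-modulus idea, edit distance between class patterns for password distance), their equal weighting and the strong/medium/weak thresholds below are all assumptions made for the example.

```python
# Added illustration of the vector-similarity idea described in the
# introduction. It is NOT the paper's LPSE algorithm: the character
# classes, the reference "standard strong password", the three
# similarity terms, their equal weights and the thresholds below are
# assumptions chosen for this example.
import math

def char_class(ch: str) -> str:
    """Map one character to a one-letter class tag (assumed classes)."""
    if ch.islower():
        return "l"
    if ch.isupper():
        return "u"
    if ch.isdigit():
        return "d"
    return "s"  # everything else counts as a symbol

def class_pattern(pw: str) -> str:
    """Structural pattern of a password, e.g. 'Ab3$' -> 'ulds'."""
    return "".join(char_class(ch) for ch in pw)

def password_vector(pw: str) -> list:
    """Counts of (lower, upper, digit, symbol) characters."""
    pat = class_pattern(pw)
    return [pat.count(tag) for tag in ("l", "u", "d", "s")]

def cosine_similarity(u, v) -> float:
    """Angle-based similarity of two count vectors (structure term)."""
    dot = sum(a * b for a, b in zip(u, v))
    nu = math.sqrt(sum(a * a for a in u))
    nv = math.sqrt(sum(b * b for b in v))
    return 0.0 if nu == 0 or nv == 0 else dot / (nu * nv)

def length_ratio(pw: str, ref: str) -> float:
    """Length term: shorter length over longer length (1.0 = same length)."""
    return min(len(pw), len(ref)) / max(len(pw), len(ref))

def levenshtein(a: str, b: str) -> int:
    """Classic edit distance; insert, delete and substitute each cost 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # delete ca
                           cur[j - 1] + 1,         # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute / match
        prev = cur
    return prev[-1]

def edit_similarity(pw: str, ref: str) -> float:
    """Distance term: edit distance between class patterns, scaled to [0, 1]."""
    pa, pb = class_pattern(pw), class_pattern(ref)
    return 1.0 - levenshtein(pa, pb) / max(len(pa), len(pb), 1)

# Constructed reference (assumption): three characters of each class.
REFERENCE = "Ab3$Ef6&Ij9!"

def lpse_like_score(pw: str, ref: str = REFERENCE) -> float:
    """Equal-weight mean of the structure, length and distance terms."""
    structure = cosine_similarity(password_vector(pw), password_vector(ref))
    return (structure + length_ratio(pw, ref) + edit_similarity(pw, ref)) / 3.0

def rate(pw: str, ref: str = REFERENCE) -> str:
    """Map the score to a meter label; the cut-offs are assumptions."""
    score = lpse_like_score(pw, ref)
    if score >= 0.8:
        return "strong"
    if score >= 0.5:
        return "medium"
    return "weak"

if __name__ == "__main__":
    for candidate in ("password", "Passw0rd!", REFERENCE):
        print(f"{candidate!r:16} score={lpse_like_score(candidate):.3f} "
              f"-> {rate(candidate)}")
```

Because every term is computed from the password's class structure and length, the checker needs no dictionary and runs in time linear in the two lengths (quadratic for the edit step), which is the client-side property the introduction argues for. The same property is its limit: any password sharing the reference's class pattern, such as a repeated short block, scores like the reference, so a real meter still needs the rest of the paper's method rather than this sketch alone.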