Neural networks will help users choose stronger passwords
Researchers at Carnegie Mellon University came to the conclusion that the neural network trained to study the intruders approach to brute force passwords that can be used to ensure minimum security passwords without using a huge "black lists" and bulky combinations of letters, numbers and special characters.
Using a neural network model, the researchers analyzed a number of different password guidelines, ranging from eight-digit passwords using one class (letters, for example) to sixteen-digit passwords using four classes (lowercase, uppercase, numbers, and symbols). The study showed that using only 12 characters of the same class and following the recommendations of the neural network allowed creating passwords that are difficult to crack, which should be enough for most use cases.
According to experts, the requirement to combine different registers, numbers and symbols is optional.
“There used to be far fewer 3- and 4-grade passwords available on the Web. It was more difficult for attackers to devise ways to effectively guess such passwords. Now that there have been many leaks of such passwords, it is much easier to train the algorithm to guess them, "the researchers explained.
The research is aimed at finding the best balance between usability and password security. The neural network simulates the behavior of attackers in order to determine which combinations can be easily guessed using existing methods.The combination of minimal password length and adherence to the neural network strength standard can help companies ensure that their employees create passwords that are difficult to crack, experts say.