Topic: probabilities and password cracking. The final grade was a 7 (18/20). ~~~ In this IA, I determined the criteria of a strong password that cannot be easily broken by computer. Then I derived formula and calculated how long it would take to crack passwords of different strengths. As an extensi...
In the modern world more than a million terabytes of information is stored online
(Mitchell, n.d.), a significant part of which is private or not meant to be changed or
revealed to strangers. Documents, reports, investigations, and simply accounts and
conversations in social media - everything on the Internet needs to be under secure
control, and this is where a good password will help.
As there is a lot of important information stored on the web, there also are those
trying to get this information. During digital era, when most of the world’s population
is keeping all its files stored online, it is extremely important for people to know how
to keep it safe, however the statistics on this topic is shocking - more than 80% of
passwords on the web are so easy and predictable that they can be cracked by an
average computer in seconds (Hunt, 2018). I myself had my social accounts cracked
by hackers, and this is why I personally believe that this investigation will be
important and relevant in the modern world. This along with my interest in
mathematics behind password breaking made me decide to write a work on this
topic.
The aim of this investigation is to determine the criterias of a strong password that
cannot be easily broken by computer and to calculate how long it will take to crack
passwords of different strengths. As an extension of this investigation I will be able to
explore the use of different hacking methods at the same time in a more realistic
situation and determine which method is more effective in which case.
There are different types of hacking attacks existing. In the purpose of this
investigation only two types will be considered. The first and the most popular one is
a brute force attack, which is working through all possible combinations of letters,
numbers and other characters in order to get the password. This type of attack will
be investigated in the first part of the essay. Dictionary attack is another method of
breaching the password, and it implies systematically entering every word in a
3
, dictionary as a password (“What is Dictionary Attack?”, n.d.). This method will be
explored in the extension of the investigation.
Investigation
While creating a password for a website or a social media account, it often requires a
certain amount of letters, numbers or special characters to be included in the
password in order to make it stronger. In some websites a special scale is present,
which shows if your password is “weak”, “normal” or “strong”. But what is a weak and
a strong password? What are the determinants of a really good password that will
keep your information safe? To answer these questions I will derive a formula for
calculating the password’s strength.
Strength of the password is inversely proportional to the probability of cracking this
password. The lower the chances - the better the password. Probability to break a
password depends on many aspects, like how powerful the computer is, how much
information about your password it has, which techniques it is using, number of
special characters used in the password and the length of the password. For the
purposes of this essay I will use only two last aspects to create the formula for the
strength of a password.
In order to derive the formula, I will take a particular example. Let us say that the
password “06948337” is given for the computer to break. As the password is
numerical, for each digit there are only 10 possible numbers that could be used. To
guess first two digits the computer will have to consider now 10 × 10 options.To
guess every 8 numbers in the right order a computer will have to try 108 possible
passwords. Therefore the probability to find exactly “06948337” from the first try is
1
= 10−8 .
108
From these observations a simple formula for password strength (S) was derived:
4
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller alexxandra. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $9.99. You're not tied to anything after your purchase.
