CN106934275A - A kind of password intensity evaluating method based on personal information - Google Patents

A kind of password intensity evaluating method based on personal information Download PDF

Info

Publication number
CN106934275A
CN106934275A CN201710047216.7A CN201710047216A CN106934275A CN 106934275 A CN106934275 A CN 106934275A CN 201710047216 A CN201710047216 A CN 201710047216A CN 106934275 A CN106934275 A CN 106934275A
Authority
CN
China
Prior art keywords
password
factor
influence
user
field
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710047216.7A
Other languages
Chinese (zh)
Other versions
CN106934275B (en
Inventor
何道敬
叶冉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
East China Normal University
Original Assignee
East China Normal University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by East China Normal University filed Critical East China Normal University
Priority to CN201710047216.7A priority Critical patent/CN106934275B/en
Publication of CN106934275A publication Critical patent/CN106934275A/en
Application granted granted Critical
Publication of CN106934275B publication Critical patent/CN106934275B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of password intensity evaluating method based on personally identifiable information, including:When user services in registration of website, the factor of influence field of the personal information built for user password is collected;Factor of influence field is classified respectively and labeling treatment is carried out according to real transform form to factor of influence field;When user's typing password, according to the user profile factor of influence for having extracted collection, calculate active user and build covering angle value of the factor of influence field comprising personal information in password, and the traditional heuristic and mode detection method of coverage values combination is calculated into password intensity level, targeted website selection receives to allow the max-thresholds comprising personally identifiable information to receive Measure Indexes as password intensity in password.Present invention firstly provides the password intensity evaluating method for adding personally identifiable information's measure coefficient.The method has the characteristics such as instant effective Feedback password intensity level, factor of influence plug and play and easy selection, the password for helping user's selection degree of safety higher.

Description

A kind of password intensity evaluating method based on personal information
Technical field
The invention belongs to the technical field of information security, more particularly to a kind of user password intensity based on personal information is commented Survey method.
Background technology
With the development and the continuous propulsion of IT application process of internet, the personal continuous networking of daily life, money Constantly digitlization is produced, authentication has become the basic means for ensureing user information safety.Because text password is easy to use, Low cost, the characteristic of easily deployment, have been increasingly becoming in information system security is ensured, the authentication side being most widely used Formula.But simultaneously because user is easy to the demand of mnemonic, password random character composition not on practical significance, but with The intrinsic motivation and external environment of family behavior are directly related.Therefore, user often selects simple when password is built but is easy to note The weak passwurd recalled, can so be easily caused by lawless person's Brute Force and dictionary attack.
Password intensity results are fed back into user in time in order to be able to provide, main flow ISP all can be in user When registration of website service or change password, the evaluation and test of password intensity (Password Strength Metric, abbreviation are performed by force PSM, similarly hereinafter) go to help user's selection and improve the password intensity for building.The password intensity of overwhelming majority main stream website is commented at present It is based on didactic, and targetedly to be optimized without the enough effort of input to survey device design, to the password of user feedback Intensity results are inconsistent, usually with other website evaluation results exist conflict, inevitably cause user puzzlement, sense of defeat and Misread.According to the difference of bottom-layer design thinking, can by these password intensity evaluation and test device be divided into it is rule-based, based on pattern inspection Test, based on this three class of attack algorithm.Depending on rule-based PSM methods are mainly according to length and comprising character types, currently The password intensity evaluation method overwhelming majority applied in main stream website is rule-based method, and typical representative has state of the U.S. Family's standard and Institute for Research and Technology PSM (National Institute of Standards and Technology PSM, abbreviation NIST-PSM).PSM method main targets based on mode checking be detect password each subsegment belonging to structural model (such as Keyboard order, initial capital and small letter, order character pattern), then, each pattern to finding assigns corresponding fraction, then The fraction of all patterns of password is added and, as password intensity level, Typical Representative has Zxcvbn.PSM based on attack algorithm Method is mainly based upon currently advanced password attack algorithm and the password for giving is attacked, according to the complexity attacked (the conjecture number of times needed for such as cracking and the time dimension needed for cracking) carries out strong and weak judgement.Typical representative has PCFG- Based PSM and Markov-based PSM.
Break out user profile and password leakage event incessantly with Internet service, and based on to user's fragility Behavior deeper into research, it is found that Internet user often tends to mixing personal information when password is built in order to remember. By the analysis to existing leak data collection in actual life it can be found that user is often subject to personal mother tongue when building password The influence of the factors such as preference, name, birthday.At the same time, if attacker is understanding the feelings of these users structure password behavior Under condition, with guessing attack is targetedly carried out, i.e., using the orientation guessing attack based on userspersonal information, will Greatly increase the risk of user profile leakage and personal asset loss.Current main flow password intensity evaluation and test device cannot also be directed to this Plant situation weak passwurd and provide accurate evaluation result.
The content of the invention
Shortcoming and deficiency it is an object of the invention to overcome art methods, in conventional password intensity evaluating method On the basis of, there is provided a kind of password intensity evaluating method based on personally identifiable information, the method inherit it is general based on context On the basis of rate Grammars, propose to add the treatment of personal information tag along sortization first, can conveniently accurately detection outlet The personal information included in order and hiding different versions, portal service provider can also extremely be easily added it His considerations, the acquisition of personally identifiable information can not only derive from the input of user, can also be by website reptile, across station Other various modes such as Information Pull, leak data collection are obtained, and can be very good to have resisted the guessing attack based on orientation, The invention can combine that tradition is rule-based and based on didactic method, while length, character composition, keyboard mould in password The aspects such as formula, conventional weak passwurd table are investigated, the password for helping user's selection degree of safety higher.
Personal information collection phase:When user services in registration of website, the personal letter built for user password is collected The factor of influence field of breath;
Tag along sort processing stage:The factor of influence field is classified respectively and to the factor of influence field Labeling treatment is carried out according to real transform form;
Password intensity level calculation stages:When user's typing password, according to the user profile factor of influence for having extracted collection, Calculate active user and build covering angle value of the factor of influence field comprising personal information in password, and the coverage values are combined into biography Heuristic or mode detection method of uniting calculates password intensity level, such as:The length of user password, factor of influence are constituted, type The factors such as combination.Targeted website selection receives to allow the max-thresholds comprising personally identifiable information as password intensity in password Receive Measure Indexes.
Wherein, the collect meanses of the factor of influence field include direct extracting mode and indirect extracting mode;It is described straight It is the information built for password that user is input into when registration of website is serviced to connect extracting mode, including is directly used in password structure Address name, birthday, telephone number, ID card No., registered user's name, registration mailbox address, and be indirectly for password structure Mother tongue preference, sex, the age built, web site name;The user related information that the indirect extracting mode is obtained is climbed including website Worm, existing leak data collection, across station user profile utilize.
Wherein, the tag along sort processing stage comprise the following steps:
B1. the present invention is based on context probability Grammars roadmap, and factor of influence field is built to described password Carry out being categorized as alphabetical section L, digital section D, spcial character section S.Context probability Grammars algorithm core assumes the word of password Parent segment L, digital section D and spcial character section S are separate, and are cut according to these three character types when password is analyzed Point.And statistical analysis training is carried out to existing password data collection, obtain each character element in the frequency and pattern of various patterns Frequency meter, this is the more commonly used processing method and thinking in password analysis at present.
B2. to later factor of influence field of classifying, specifically become in actual password building process according to factor of influence Change pattern further carries out corresponding labeling definition.As the classification of address name factor of influence corresponds to alphabetical section L, and mark It is N to sign1~N6, N1Represent the spelling of address name, N2Represent the acronym of address name, N3Represent the surname word of address name Section letter, N4Represent the file-name field letter of address name, N5Represent the word of surname full name field and name the abbreviation field of address name Mother, N6Represent the letter of name full name field and surname the abbreviation field of address name;The classification of user's birthday factor of influence corresponds to number Field D, and label is B1~B10, B1Represent the packed format of date (Y.M.D) data division of birthday, B2Represent the birthday Month day year (M.D.Y) data division packed format, B3Represent that the group of day month year (D.M.Y) data division of birthday is qualified Formula, B4Represent in the birthday day part (D) data division packed format, B5Represent the combination of month (M) data division in the birthday Form, B6Represent the packed format in the month and day part (M.D) data division in the birthday, B7Represent the time and month in the birthday (Y.M) packed format of data division, B8Two add month and day part (Y after time in the expression birthday1/2.M.D) data portion The packed format for dividing, B9Represent that month and day in the birthday part add two (M.D.Y after the time1/2) data division group it is qualified Formula, B10Represent the packed format in the month and time (M.Y) data division in the birthday.
Wherein, the password intensity level calculation stages comprise the following steps:
C1. user extracts the password character of input for step c2 in the personal password that targeted website input builds;
C2. receive the password character of extraction in c1 steps during password Strength co-mputation and process later with labeling Factor of influence field is calculated, and draws the covering angle value comprising personal information in password.
C3. the max-thresholds comprising personally identifiable information are allowed in the password according to targeted website setting, is walked for c2 Covering angle value receives or refuses below or above the password selection for setting max-thresholds in rapid, in this, as based on personal information mouthful Make the index of intensity evaluation.
The present invention has the following advantages and effect relative to prior art:
(1) password guess of resistance orientation:The password intensity evaluation and test device of current main flow cannot resist the password guess of orientation Attack, i.e., attacker is directed to specific user, go to be formed using the Behavior preference of the prior user profile collected and construction password and guess Survey and attack, the personal information that the invention is obtained based on the personal information and other modes when registering first, comprehensive main flow at present PSM designs pattern provides a kind of password intensity evaluating tool easy to use, can be very good the choosing for instructing user as few as possible The password comprising personal information is selected, so as to resist the password guess of orientation.
(2) the evaluation and test algorithm based on specific probabilistic model:It is first based on context-free grammar to be fully established at sternly Password guess algorithm on close probabilistic model, the invention uses the model in the design of password intensity evaluation and test device first, leads to The sorting technique of the training and science to same type leak data collection is crossed, shape can be changed to the factor of influence in personal information Formula makes more accurate judgement.
(3) the dynamic effects factor is allowed:Personal information is added on the basis of by evaluating and testing device to traditional rule-based intensity Detection, further increase user password construction security.Selection of the website to personal information factor of influence can be accomplished Dynamic change, for different application scenarios, unrestricted choice adds or shields suitable factor of influence.Simultaneously to factor of influence Obtain and single mode can be not limited to, so as to improve the precision of evaluation result using abundant means.
(4) traditional PS M designs are combined:It is rule-based and based on didactic PSM design sides that the invention can combine tradition Method, not only in password building process is considered, comprising personally identifiable information, and length in password, character composition, key The aspects such as disk pattern, conventional weak passwurd table are similarly investigated.Thereby aid in user resist orientation guessing attack while, Selection degree of safety password higher.
Brief description of the drawings
Fig. 1 is flow chart of the invention
Fig. 2 is the labeling schematic diagram that the present invention is proposed based on context probability Grammars roadmap.
Specific embodiment
Relevant technical term is as follows:
PSM- passwords intensity evaluates and tests device (Password Strength Metric)
PCFG- is based on context probability Grammars (Probabilistic Context-Free Grammars)
PI- personal information (Personal information)
The present invention is described in further detail with reference to embodiment and accompanying drawing, but embodiments of the present invention are not limited to This.
Embodiment
As shown in figure 1, the password intensity evaluating method based on personal information is divided into three phases:Specially:
Personal information collection phase:When registration of website is serviced, extraction is possibly used for building the individual of user password to user Informational influence factor field.
Tag along sort processing stage:Respectively on extract password build factor of influence field classified and to influence because Subfield carries out labeling treatment according to real transform form;
Password intensity level calculation stages:During user's typing password, calculated according to the user profile factor of influence for extracting collection Go out the covering angle value that user builds factor of influence in password, and by the covering angle value and Heuristic detection method or mode detection side Method is combined and calculates password intensity level.Targeted website voluntarily selects to receive to be allowed comprising personally identifiable information most in password Big threshold value receives Measure Indexes as password intensity.
In personal information collection phase, the personally identifiable information of user is various, and some personal information are that have word Mother's composition, such as name, hobby;Some personal information are made up of digital, such as birthday, cell-phone number;Some are mixing letter, numeral And character, such as user name.Meanwhile, some personal information are used directly for the construction of password, such as name, birthday;One is a few People's information is to cannot be used directly for password construction, such as sex and education degree.The letter filled in when this stage is according to user's registration The information that breath and other modes are collected effectively is analyzed extraction, in order to improve efficiency and accuracy, can be in reality The related similar data sets of leakage are analyzed and remove the version for extracting relevant field and field being directed to, to a certain degree On can resist user password across station huge profit attack conjecture.
In tag along sort processing stage, present inventor considered that main flow is based on the orientation conjecture rich in personal information at present Attack efficiency and be much higher than conventional guessing attack of strolling, such as:Personal-PCFG、Personal-Markov.So this Inventor is based primarily upon the algorithm thinking of extension PCFG, and the personal information being collected into is carried out by field to be categorized as alphabetical section L, number Field D, spcial character section S, while by personal information build password when influence degree, be divided into main affecting factors and time Want factor of influence.PCFG algorithms the inside different from the past only considers the length of field, such as L3Represent that alphabetical segment length is 3, This form of expression exists low because not accounting for userspersonal information in the version being actually used in when building password The situation estimated and over-evaluate.The embodiment of the present invention proposes a kind of to entering rower in personal information field in password intensity test process The method of labelization, by actual scene, user builds the analysis of password Behavioral change, takes into full account the change of each field Form row label of going forward side by side is represented.
In specific to embodiment, such as address name factor of influence classification corresponds to alphabetical section L, and label is N1~N6, N1Represent the spelling of address name, N2Represent the acronym of address name, N3Represent the surname field letter of address name, N4 Represent the file-name field letter of address name, N5Represent the letter of surname full name field and name the abbreviation field of address name, N6Represent and use The letter of name full name field and surname the abbreviation field of family name;The classification of user's birthday factor of influence corresponds to digital section D, and marks It is B to sign1~B10, B1Represent the packed format of date (Y.M.D) data division of birthday, B2Represent the month day year of birthday (M.D.Y) packed format of data division, B3Represent the packed format of day month year (D.M.Y) data division of birthday, B4Represent life In day day part (D) data division packed format, B5Represent the packed format of month (M) data division in the birthday, B6Represent Month in birthday and the packed format of day part (M.D) data division, B7Represent the time in the birthday and month (Y.M) data portion The packed format for dividing, B8Two add month and day part (Y after time in the expression birthday1/2.M.D) group of data division is qualified Formula, B9Represent that month and day in the birthday part add two (M.D.Y after the time1/2) data division packed format, B10Represent life The packed format in month and time (M.Y) data division in day.This mode classification has considered not only each label value Length, while fully taking into account the version of factor of influence.
In password intensity level calculation stages, the present invention proposes a kind of coverage computational methods, and the method is to consider inspection first The actual change form of a certain factor of influence label value in the classification of each field is surveyed, if not detecting any label Value, then be further continued for considering overlay length value of the factor of influence under based on sliding window.It is specifically defined as:Personal information is covered Angle value (Personal Information Coverage Metric, abbreviation PICM), form of calculation is:Wherein lfiExpression matches the length of some factor of influence corresponding label value, LpRepresent that user is defeated The length of the structure password for entering.Between 0 to 1, numerical value 0 represents the individual for being not detected by choosing in password to be believed PICM spans Breath factor of influence, matches the personal information factor of influence of selection completely in the expression password of numerical value 1, the bigger expression of covering angle value is covered Cover that personal information factor of influence is more, the corresponding intensity for representing password is weaker.When password factor of influence length is matched, this Inventor defines a length array and goes to record the tag length matched in the case of the Different Effects factor, such as in password letter The N of address name factor of influence is matched in section3Label value, records N first in array3The length of label value.But if mouth simultaneously Digital section is made to be not matched to any one label value in user's birthday factor of influence, the present inventor also needs for password digit section Further according to the influencing factors analysis of data segment, initial value definition be 2 sliding window successively from the beginning search the birthday influence because Same numbers length in the password matched in son, each sliding window size increases by 1 if the match is successful, until matching is lost The length that has now matched of record is in array when losing.In such cases, because contingency matches character reason, possible number In group exist several length be initial length 2 but the record without practical significance, therefore computational length array element and when, with The form performance result of calculation of values of powers reduces these does not have the influence of practical significance length data, it is to avoid factor of influence coverage meter The problem of Deta sparseness during calculation.In specific to embodiment, name and the PI factors of influence of birthday mentioned above is only considered, it is individual The password that people builds is expressed as L by PCFG4D6S3, represent user structure password in comprising length as 4 letter, length be 6 Numeral and 3 spcial characters of length.The calculating process of personal information covering angle value is as follows:
For alphabetical section L, label value is matched in the factor of influence of same type, name and life are only taken into account in embodiment Day, thus match successively here it is above-mentioned defined in nametags N1~N6If matched, the assignment label value length is given lfi.Otherwise, sliding window that initial length is 2 is defined successively in sequential search password rich in the company most long for having name field Continuous matching length assignment lfi, l herefiMay be the then last l comprising multiple valuesfiIt is the quadratic sum of these values.Pin Data segment D and spcial character section S can be calculated also according to the above method.
Above-mentioned personal information can be combined for the evaluation and test of password intensity cover angle value and based on length, character group Into the tradition such as, keyboard mode, conventional weak passwurd table heuristic and regular password intensity evaluation and test means, intensity threshold, i.e. net are set Standing can set personal password's maximum intensity threshold value, less than this threshold value, illustrate the personal information security that the password of user is included Property is otherwise refused within tolerance interval.In such cases, conventional weak passwurd form can both have been refused, again can be to richness Password containing personal information provides feedback, the bigger directional attack conjecture of harm is resisted, so that it is more healthy and stronger to help user to select Password.
Protection content of the invention is not limited to above example.Under the spirit and scope without departing substantially from inventive concept, this Art personnel it is conceivable that change and advantage be all included in the present invention, and with appending claims be protect Shield scope.

Claims (9)

1. a kind of password intensity evaluating method based on personally identifiable information, it is characterised in that including such as next stage:
Personal information collection phase:When user services in registration of website, the personal information built for user password is collected Factor of influence field;
Tag along sort processing stage:The factor of influence field is classified respectively and to the factor of influence field according to Real transform form carries out labeling treatment;
Password intensity level calculation stages:When user's typing password, according to the user profile factor of influence for having extracted collection, calculate Go out active user build password in covering angle value of the factor of influence field comprising personal information, and by the covering angle value with it is heuristic Detection method or mode detection method are combined and calculate password intensity level.
2. password intensity evaluating method according to claim 1, it is characterised in that the collection hand of the factor of influence field Section includes direct extracting mode and indirect extracting mode;
The direct extracting mode is the information built for password that user is input into when registration of website is serviced, including is directly used Address name, birthday, telephone number, ID card No., registered user's name, registration mailbox address built in password etc., and It is indirectly for mother tongue preference, sex, age, web site name of password structure etc.;
The user related information that the indirect extracting mode is obtained is including website reptile, existing leak data collection, across station user Information Pull etc..
3. password intensity evaluating method according to claim 2, it is characterised in that the factor of influence field includes main Factor of influence and the minor effect factor;The main affecting factors refer to that userspersonal information's field is widely used in personal password The part of structure;The minor effect factor refers to and some effects due to different having differences property of registration of website service The information field that user password builds.
4. password intensity evaluating method according to claim 1, it is characterised in that the tag along sort processing stage bag Include following steps:
B1. password analysis and processing method is based on, to the factor of influence field be categorized as alphabetical section L, digital section D, special Character field S;
B2. to later factor of influence field of classifying, specifically become in actual user's password building process according to factor of influence Change pattern further carries out corresponding labeling definition.
5. password intensity evaluating method according to claim 4, it is characterised in that the password intensity level calculation stages bag Include following steps:
C1. user extracts the password character of input when targeted website is input into personal password;
C2. the factor of influence field after receiving the password character during password Strength co-mputation and being processed through labeling is entered Row is calculated, and draws the covering angle value comprising personal information in password, and by the covering angle value and Heuristic detection method or pattern Detection method is combined and calculates password intensity level;
C3. the max-thresholds comprising personally identifiable information are allowed in the password according to targeted website setting, receives covering angle value Less than the password of max-thresholds, password of the refusal covering angle value higher than max-thresholds.
6. password intensity evaluating method according to claim 5, it is characterised in that step c2 is specifically comprised the following steps:
C21. alphabetical section L, number are divided into according to the processing method based on probability context-free grammar to user input password character Field D, spcial character section S;The label value that alphabetical section L is categorized as in the alphabetical section L and factor of influence of password is calculated, digital section D Calculated with the label value that digital section D is categorized as in factor of influence, spcial character section is categorized as in spcial character section S and factor of influence The label value of S is calculated;
C22. personal information covering angle value is calculated, covering angle value is represented with equation below:Under wherein Mark i represents the factor of influence of i-th selection, lfiThe i-th factor of influence corresponding label value length that expression is matched, LpRepresent and use Family is input into the total length of password.
7. password intensity evaluating method according to claim 6, it is characterised in that step c22 is specifically comprised the following steps:
The factor of influence l included in password is calculatedfiDuring length value, first under the classification, an influence is matched successively All label values defined in the factor, record the length of the label value if matching;If all fixed in the factor of influence The label value of justice is all not matched to, then go to travel through password in the dynamic sliding window method that initial value definition is 2, records password The length comprising continuous factor of influence character most long matched in character, the otherwise l of the factor of influencefiValue is 0.
8. password intensity evaluating method as claimed in claim 6, it is characterised in that the factor of influence length to matching is carried out The measurement of values of powers.
9. password intensity evaluating method according to claim 5, it is characterised in that the personal identification in described step c3 Information maximization threshold value is that website receives the extreme safety index value that a secure password is allowed, and its comprehensive consideration includes user's Personally identifiable information, and the intensity evaluating method of rule-based and pattern is combined, described rule-based and pattern intensity is commented The considerations of survey method include:Length, factor of influence composition, type combination, keyboard mode of user password etc..
CN201710047216.7A 2017-01-22 2017-01-22 Password strength evaluation method based on personal information Active CN106934275B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710047216.7A CN106934275B (en) 2017-01-22 2017-01-22 Password strength evaluation method based on personal information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710047216.7A CN106934275B (en) 2017-01-22 2017-01-22 Password strength evaluation method based on personal information

Publications (2)

Publication Number Publication Date
CN106934275A true CN106934275A (en) 2017-07-07
CN106934275B CN106934275B (en) 2020-10-16

Family

ID=59423820

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710047216.7A Active CN106934275B (en) 2017-01-22 2017-01-22 Password strength evaluation method based on personal information

Country Status (1)

Country Link
CN (1) CN106934275B (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108121909A (en) * 2017-12-12 2018-06-05 深圳中琛源科技股份有限公司 A kind of detection method of weak passwurd, terminal device and storage medium
CN108470124A (en) * 2018-02-09 2018-08-31 华东师范大学 A kind of password reinforcement method based on fragile factorial analysis
CN108509790A (en) * 2018-03-14 2018-09-07 华东师范大学 A kind of password strength assessment method based on group
CN108540438A (en) * 2018-01-26 2018-09-14 上海实创信息科技有限公司 One kind is based on RFID secret protections identification verification device and its verification method
CN108763918A (en) * 2018-04-10 2018-11-06 华东师范大学 A kind of password reinforcement method based on semantic transforms
CN108763920A (en) * 2018-05-23 2018-11-06 四川大学 A kind of password strength assessment model based on integrated study
CN109145582A (en) * 2018-06-05 2019-01-04 中国科学院信息工程研究所 It is a kind of that set creation method, password cracking method and device are guessed based on password of the byte to coding
CN110162961A (en) * 2019-05-13 2019-08-23 华东师范大学 Group's password intensity evaluation method based on integrated study
CN110334488A (en) * 2019-06-14 2019-10-15 北京大学 User authentication password security appraisal procedure and device based on Random Forest model
CN110336921A (en) * 2019-07-09 2019-10-15 华中师范大学 A kind of Android figure password strength metric method and system
WO2020206909A1 (en) * 2019-04-08 2020-10-15 平安科技(深圳)有限公司 Method and apparatus for calculating password strength, and computer-readable storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104268450A (en) * 2014-09-11 2015-01-07 浙江工业大学 Bulk password grading priori check method
CN105187382A (en) * 2015-08-05 2015-12-23 西安电子科技大学 Multi-factor identity authentication method for preventing library collision attacks

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104268450A (en) * 2014-09-11 2015-01-07 浙江工业大学 Bulk password grading priori check method
CN105187382A (en) * 2015-08-05 2015-12-23 西安电子科技大学 Multi-factor identity authentication method for preventing library collision attacks

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
YUE LI等: "A Study of Personal Information in Human-chosen Passwords and Its Security Implications", 《 IEEE INFOCOM 2016 - THE 35TH ANNUAL IEEE INTERNATIONAL CONFERENCE ON COMPUTER COMMUNICATIONS》 *
刘功申等: "基于真实数据挖掘的口令脆弱性评估及恢复", 《计算机学报》 *

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108121909A (en) * 2017-12-12 2018-06-05 深圳中琛源科技股份有限公司 A kind of detection method of weak passwurd, terminal device and storage medium
CN108540438A (en) * 2018-01-26 2018-09-14 上海实创信息科技有限公司 One kind is based on RFID secret protections identification verification device and its verification method
CN108470124B (en) * 2018-02-09 2022-10-04 华东师范大学 Password strengthening method based on fragile factor analysis
CN108470124A (en) * 2018-02-09 2018-08-31 华东师范大学 A kind of password reinforcement method based on fragile factorial analysis
CN108509790A (en) * 2018-03-14 2018-09-07 华东师范大学 A kind of password strength assessment method based on group
CN108763918A (en) * 2018-04-10 2018-11-06 华东师范大学 A kind of password reinforcement method based on semantic transforms
CN108763920A (en) * 2018-05-23 2018-11-06 四川大学 A kind of password strength assessment model based on integrated study
CN109145582A (en) * 2018-06-05 2019-01-04 中国科学院信息工程研究所 It is a kind of that set creation method, password cracking method and device are guessed based on password of the byte to coding
WO2020206909A1 (en) * 2019-04-08 2020-10-15 平安科技(深圳)有限公司 Method and apparatus for calculating password strength, and computer-readable storage medium
CN110162961A (en) * 2019-05-13 2019-08-23 华东师范大学 Group's password intensity evaluation method based on integrated study
CN110334488A (en) * 2019-06-14 2019-10-15 北京大学 User authentication password security appraisal procedure and device based on Random Forest model
CN110334488B (en) * 2019-06-14 2021-03-02 北京大学 User authentication password security evaluation method and device based on random forest model
CN110336921A (en) * 2019-07-09 2019-10-15 华中师范大学 A kind of Android figure password strength metric method and system
CN110336921B (en) * 2019-07-09 2021-01-15 华中师范大学 Android graph password strength measurement method and system

Also Published As

Publication number Publication date
CN106934275B (en) 2020-10-16

Similar Documents

Publication Publication Date Title
CN106934275A (en) A kind of password intensity evaluating method based on personal information
CN103853738B (en) A kind of recognition methods of info web correlation region
CN106815207B (en) Information processing method and device for legal referee document
CN110069609B (en) Referee document analysis method, referee document analysis device, computer equipment and storage medium
CN106708966A (en) Similarity calculation-based junk comment detection method
CN103793447B (en) The estimation method and estimating system of semantic similarity between music and image
CN108345587A (en) A kind of the authenticity detection method and system of comment
CN108228845B (en) Mobile phone game classification method
CN107341183A (en) A kind of Website classification method based on darknet website comprehensive characteristics
CN103778122B (en) Searching method and system
CN103984771B (en) Method for extracting geographical interest points in English microblog and perceiving time trend of geographical interest points
CN103607391B (en) SQL injection attack detection method based on K-means
CN104077417A (en) Figure tag recommendation method and system in social network
CN100543735C (en) File similarity measure method based on file structure
CN104899335A (en) Method for performing sentiment classification on network public sentiment of information
CN104199838B (en) A kind of user model constructing method based on label disambiguation
CN109543090A (en) A kind of method and apparatus for evaluating web documents
CN104598648B (en) A kind of microblog users interactive mode gender identification method and device
CN110046251A (en) Community content methods of risk assessment and device
CN106649276A (en) Identification method and device for core product word in title
CN109800279A (en) A kind of algorithm based on space-time trajectory Fast Collision
WO2015062377A1 (en) Device and method for detecting similar text, and application
Han et al. Linking social network accounts by modeling user spatiotemporal habits
Leão et al. Evolutionary patterns in the geographic range size of Atlantic Forest plants
CN104881400B (en) Semantic dependency computational methods based on associative network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP02 Change in the address of a patent holder
CP02 Change in the address of a patent holder

Address after: 200241 No. 500, Dongchuan Road, Shanghai, Minhang District

Patentee after: EAST CHINA NORMAL University

Address before: 200062 No. 3663, Putuo District, Shanghai, Zhongshan North Road

Patentee before: EAST CHINA NORMAL University