About site: Security/Authentication - A Proactive Password Checker

Return to Computers also Computers

About site: http://seclab.cs.ucdavis.edu/papers/mb91c.ps

Title: Security/Authentication - A Proactive Password Checker Paper by M. Bishop, 1991. The author describes a technique, and a mechanism, to allow users to select passwords which to them are easy to remember but to others would be very difficult to guess. [Post

Computer_Help Provides on-site and remote computer assistance and technical support services, including data recovery, technical equipment moves and relocation.

Syllable_Development_Newsletters The official newsletter of Syllable project which brings monthly updates on Syllable's progress, summary of discussions and ideas and other information that is vital to Syllable community.

Tellus_Group Taiwanese manufacturer of wireless network products.

CD9_Design Offers site design. Located in London, England, United Kingdom.

WT_Toolkit Offers a framework to develop applications. Download, documentation and news pages.

Progressive_Technologies Web site development and design, e-commerce sites, graphics design, and internet marketing and advertising services.

Alexa statistic for http://seclab.cs.ucdavis.edu/papers/mb91c.ps

Please visit: http://seclab.cs.ucdavis.edu/papers/mb91c.ps

Related sites for http://seclab.cs.ucdavis.edu/papers/mb91c.ps

The_Search_Beat Directory that organizes the web by theme pages.

Kiwi,_Marcos University of Chile.

RuleQuest_Research Produces knowledge discovery and data mining tools for Unix and Windows 95/98/NT/2000. These include See5 (decision trees) aka C5 and Magnum Opus (association rules).

Relevanz_Pte_Ltd_ An Asian web-interfaced knowledge management solution addressing technology infrastructure, intellectual capital, information and change management enabling marketing professionals to maximize marketi

PocketNow Articles and reviews for the Pocket PC and related accessories.

Advanced_GIF_Optimizer Make GIFs light with this full-featured utility. Includes GIF Explorer for previewing files, and altering their attributes, and a GIF image cutter.

The_Windows_Registry_Experts Information and software utilities to fix most Windows errors: Registry and file errors, Windows tweaks and optimizing memory and disk space.

The_Register__Do_you_Want_to_Own_the_Trojan_Room_Coffee_Pot? Article discussing the sale of the coffee pot on eBay. (August 1, 2001)

StarQuest_Software,_Inc_ Offers access to IBM databases from desktop applications running in Windows and UNIX environments. StarQuest Data Replicator replicates data between DB2, Oracle and SQL Server databases.

University_of_Greenwich School of Computing and Mathematical Sciences. Research groups include AI; Parallel processing; Computing for law; Natural language processing; Information integrity.

Disco_DSP Company that develops Discovery and Vertigo and some effects. Description, screenshots, audio samples, downloadable demos.

iMimic_Networking,_Inc_ Offers web caching and multimedia streaming caching functionality. Also offer content filtering software. [Solaris, Linux, FreeBSD]

1st_AutoRun_Express Automatically runs any DOC,HTM, or PDF whenever a CD is inserted. [Win32]

RFC_0983 ISO Transport Arrives on Top of the TCP. D.E. Cass, M.T. Rose. April 1986.

RFC_1176 Interactive Mail Access Protocol: Version 2. M.R. Crispin. August 1990.

Kashmir_3D Generate photo-realistic images and movies of landscapes using Digital Elevation Model files from the United States Geological Survey and the Swiss Federal Office of Topography. [Win 95/98/NT]

Semaphores_in_Linux An explanation of semaphores under Linux, including a comparison of System V and POSIX style semaphores. Code examples show how semaphores are used. (May 24, 2007)

Robots_and_Mail_Filtering_Links A collection of links about mail robots and e-mail filtering (somewhat slanted towards Unix applications)

U_S__NetworX,_Inc_ Design, hosting, intranet, and e-commerce solutions.

JSPED_Web_Productions Offers design, hosting, maintenance, database, and graphics services. Located in Porter, Texas, United States.

This is websites2007.org cache of m/ as retrieved on 2008.09.07 websites2007.org's cache is the snapshot that we took of the page as we crawled the web. The page may have changed since that time.

%!%%BoundingBox: (atend)%%Pages: (atend)%%DocumentFonts: (atend)%%EndComments%% FrameMaker PostScript Prolog 3.0, for use with FrameMaker 3.0% Copyright (c) 1986,87,89,90,91 by Frame Technology Corporation.% All rights reserved.%% Known Problems:% Due to bugs in Transcript, the 'PS-Adobe-' is omitted from line 1/FMversion (3.0) def % Set up Color vs. Black-and-White /FMPrintInColor systemdict /colorimage known systemdict /currentcolortransfer known or def% Uncomment this line to force b&w on color printer% /FMPrintInColor false def/FrameDict 195 dict def systemdict /errordict known not {/errordict 10 dict def errordict /rangecheck {stop} put} if% The readline in 23.0 doesn't recognize cr's as nl's on AppleTalkFrameDict /tmprangecheck errordict /rangecheck get put errordict /rangecheck {FrameDict /bug true put} put FrameDict /bug false put mark % Some PS machines read past the CR, so keep the following 3 lines together!currentfile 5 string readline000000000000cleartomark errordict /rangecheck FrameDict /tmprangecheck get put FrameDict /bug get { /readline { /gstring exch def /gfile exch def /gindex 0 def { gfile read pop dup 10 eq {exit} if dup 13 eq {exit} if gstring exch gindex exch put /gindex gindex 1 add def } loop pop gstring 0 gindex getinterval true } def } if/FMVERSION { FMversion ne { /Times-Roman findfont 18 scalefont setfont 100 100 moveto (FrameMaker version does not match postscript_prolog!) dup = show showpage } if } def /FMLOCAL { FrameDict begin 0 def end } def /gstring FMLOCAL /gfile FMLOCAL /gindex FMLOCAL /orgxfer FMLOCAL /orgproc FMLOCAL /organgle FMLOCAL /orgfreq FMLOCAL /yscale FMLOCAL /xscale FMLOCAL /manualfeed FMLOCAL /paperheight FMLOCAL /paperwidth FMLOCAL/FMDOCUMENT { array /FMfonts exch def /#copies exch def FrameDict begin 0 ne dup {setmanualfeed} if /manualfeed exch def /paperheight exch def /paperwidth exch def /yscale exch def /xscale exch def currenttransfer cvlit /orgxfer exch def currentscreen cvlit /orgproc exch def /organgle exch def /orgfreq exch def setpapername manualfeed {true} {papersize} ifelse {manualpapersize} {false} ifelse {desperatepapersize} if end } def /pagesave FMLOCAL /orgmatrix FMLOCAL /landscape FMLOCAL/FMBEGINPAGE { FrameDict begin /pagesave save def 3.86 setmiterlimit /landscape exch 0 ne def landscape { 90 rotate 0 exch neg translate pop } {pop pop} ifelse xscale yscale scale /orgmatrix matrix def gsave } def /FMENDPAGE { grestore pagesave restore end showpage } def /FMFONTDEFINE { FrameDict begin findfont ReEncode 1 index exch definefont FMfonts 3 1 roll put end } def /FMFILLS { FrameDict begin array /fillvals exch def end } def /FMFILL { FrameDict begin fillvals 3 1 roll put end } def /FMNORMALIZEGRAPHICS { newpath 0.0 0.0 moveto 1 setlinewidth 0 setlinecap 0 0 0 sethsbcolor 0 setgray } bind def /fx FMLOCAL /fy FMLOCAL /fh FMLOCAL /fw FMLOCAL /llx FMLOCAL /lly FMLOCAL /urx FMLOCAL /ury FMLOCAL/FMBEGINEPSF { end /FMEPSF save def /showpage {} def FMNORMALIZEGRAPHICS [/fy /fx /fh /fw /ury /urx /lly /llx] {exch def} forall fx fy translate rotate fw urx llx sub div fh ury lly sub div scale llx neg lly neg translate } bind def/FMENDEPSF { FMEPSF restore FrameDict begin } bind defFrameDict begin /setmanualfeed {%%BeginFeature *ManualFeed True statusdict /manualfeed true put%%EndFeature } def/max {2 copy lt {exch} if pop} bind def/min {2 copy gt {exch} if pop} bind def/inch {72 mul} def/pagedimen { paperheight sub abs 16 lt exch paperwidth sub abs 16 lt and {/papername exch def} {pop} ifelse } def /papersizedict FMLOCAL/setpapername { /papersizedict 14 dict def papersizedict begin /papername /unknown def /Letter 8.5 inch 11.0 inch pagedimen /LetterSmall 7.68 inch 10.16 inch pagedimen /Tabloid 11.0 inch 17.0 inch pagedimen /Ledger 17.0 inch 11.0 inch pagedimen /Legal 8.5 inch 14.0 inch pagedimen /Statement 5.5 inch 8.5 inch pagedimen /Executive 7.5 inch 10.0 inch pagedimen /A3 11.69 inch 16.5 inch pagedimen /A4 8.26 inch 11.69 inch pagedimen /A4Small 7.47 inch 10.85 inch pagedimen /B4 10.125 inch 14.33 inch pagedimen /B5 7.16 inch 10.125 inch pagedimen end } def/papersize { papersizedict begin /Letter {lettertray letter} def /LetterSmall {lettertray lettersmall} def /Tabloid {11x17tray 11x17} def /Ledger {ledgertray ledger} def /Legal {legaltray legal} def /Statement {statementtray statement} def /Executive {executivetray executive} def /A3 {a3tray a3} def /A4 {a4tray a4} def /A4Small {a4tray a4small} def /B4 {b4tray b4} def /B5 {b5tray b5} def /unknown {unknown} def papersizedict dup papername known {papername} {/unknown} ifelse get end /FMdicttop countdictstack 1 add def statusdict begin stopped end countdictstack -1 FMdicttop {pop end} for } def/manualpapersize { papersizedict begin /Letter {letter} def /LetterSmall {lettersmall} def /Tabloid {11x17} def /Ledger {ledger} def /Legal {legal} def /Statement {statement} def /Executive {executive} def /A3 {a3} def /A4 {a4} def /A4Small {a4small} def /B4 {b4} def /B5 {b5} def /unknown {unknown} def papersizedict dup papername known {papername} {/unknown} ifelse get end stopped } def/desperatepapersize { statusdict /setpageparams known { paperwidth paperheight 0 1 statusdict begin {setpageparams} stopped pop end } if } def/savematrix { orgmatrix currentmatrix pop } bind def/restorematrix { orgmatrix setmatrix } bind def/dmatrix matrix def/dpi 72 0 dmatrix defaultmatrix dtransform dup mul exch dup mul add sqrt def/freq dpi 18.75 div 8 div round dup 0 eq {pop 1} if 8 mul dpi exch div def/sangle 1 0 dmatrix defaultmatrix dtransform exch atan def/DiacriticEncoding [/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef/.notdef /.notdef /.notdef /.notdef /space /exclam /quotedbl/numbersign /dollar /percent /ampersand /quotesingle /parenleft/parenright /asterisk /plus /comma /hyphen /period /slash /zero /one/two /three /four /five /six /seven /eight /nine /colon /semicolon/less /equal /greater /question /at /A /B /C /D /E /F /G /H /I /J /K/L /M /N /O /P /Q /R /S /T /U /V /W /X /Y /Z /bracketleft /backslash/bracketright /asciicircum /underscore /grave /a /b /c /d /e /f /g /h/i /j /k /l /m /n /o /p /q /r /s /t /u /v /w /x /y /z /braceleft /bar/braceright /asciitilde /.notdef /Adieresis /Aring /Ccedilla /Eacute/Ntilde /Odieresis /Udieresis /aacute /agrave /acircumflex /adieresis/atilde /aring /ccedilla /eacute /egrave /ecircumflex /edieresis/iacute /igrave /icircumflex /idieresis /ntilde /oacute /ograve/ocircumflex /odieresis /otilde /uacute /ugrave /ucircumflex/udieresis /dagger /.notdef /cent /sterling /section /bullet/paragraph /germandbls /registered /copyright /trademark /acute/dieresis /.notdef /AE /Oslash /.notdef /.notdef /.notdef /.notdef/yen /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef/ordfeminine /ordmasculine /.notdef /ae /oslash /questiondown/exclamdown /logicalnot /.notdef /florin /.notdef /.notdef/guillemotleft /guillemotright /ellipsis /.notdef /Agrave /Atilde/Otilde /OE /oe /endash /emdash /quotedblleft /quotedblright/quoteleft /quoteright /.notdef /.notdef /ydieresis /Ydieresis/fraction /currency /guilsinglleft /guilsinglright /fi /fl /daggerdbl/periodcentered /quotesinglbase /quotedblbase /perthousand/Acircumflex /Ecircumflex /Aacute /Edieresis /Egrave /Iacute/Icircumflex /Idieresis /Igrave /Oacute /Ocircumflex /.notdef /Ograve/Uacute /Ucircumflex /Ugrave /dotlessi /circumflex /tilde /macron/breve /dotaccent /ring /cedilla /hungarumlaut /ogonek /caron] def/ReEncode { dup length dict begin { 1 index /FID ne {def} {pop pop} ifelse } forall 0 eq {/Encoding DiacriticEncoding def} if currentdict end } bind def/graymode true def /bwidth FMLOCAL /bpside FMLOCAL /bstring FMLOCAL /onbits FMLOCAL /offbits FMLOCAL /xindex FMLOCAL /yindex FMLOCAL /x FMLOCAL /y FMLOCAL/setpattern { /bwidth exch def /bpside exch def /bstring exch def /onbits 0 def /offbits 0 def freq sangle landscape {90 add} if {/y exch def /x exch def /xindex x 1 add 2 div bpside mul cvi def /yindex y 1 add 2 div bpside mul cvi def bstring yindex bwidth mul xindex 8 idiv add get 1 7 xindex 8 mod sub bitshift and 0 ne {/onbits onbits 1 add def 1} {/offbits offbits 1 add def 0} ifelse } setscreen {} settransfer offbits offbits onbits add div FMsetgray /graymode false def } bind def/grayness { FMsetgray graymode not { /graymode true def orgxfer cvx settransfer orgfreq organgle orgproc cvx setscreen } if } bind def /HUE FMLOCAL /SAT FMLOCAL /BRIGHT FMLOCAL /Colors FMLOCALFMPrintInColor { /HUE 0 def /SAT 0 def /BRIGHT 0 def % array of arrays Hue and Sat values for the separations [HUE BRIGHT] /Colors [[0 0 ] % black [0 0 ] % white [0.00 1.0] % red [0.37 1.0] % green [0.60 1.0] % blue [0.50 1.0] % cyan [0.83 1.0] % magenta [0.16 1.0] % comment / yellow ] def /BEGINBITMAPCOLOR { BITMAPCOLOR} def /BEGINBITMAPCOLORc { BITMAPCOLORc} def /BEGINBITMAPTRUECOLOR { BITMAPTRUECOLOR } def /BEGINBITMAPTRUECOLORc { BITMAPTRUECOLORc } def /K { Colors exch get dup 0 get /HUE exch store 1 get /BRIGHT exch store HUE 0 eq BRIGHT 0 eq and {1.0 SAT sub setgray} {HUE SAT BRIGHT sethsbcolor} ifelse } def /FMsetgray { /SAT exch 1.0 exch sub store HUE 0 eq BRIGHT 0 eq and {1.0 SAT sub setgray} {HUE SAT BRIGHT sethsbcolor} ifelse } bind def } { /BEGINBITMAPCOLOR { BITMAPGRAY} def /BEGINBITMAPCOLORc { BITMAPGRAYc} def /BEGINBITMAPTRUECOLOR { BITMAPTRUEGRAY } def /BEGINBITMAPTRUECOLORc { BITMAPTRUEGRAYc } def /FMsetgray {setgray} bind def /K { pop } def }ifelse/normalize { transform round exch round exch itransform } bind def/dnormalize { dtransform round exch round exch idtransform } bind def/lnormalize { 0 dtransform exch cvi 2 idiv 2 mul 1 add exch idtransform pop } bind def/H { lnormalize setlinewidth } bind def/Z { setlinecap } bind def /fillvals FMLOCAL/X { fillvals exch get dup type /stringtype eq {8 1 setpattern} {grayness} ifelse } bind def/V { gsave eofill grestore } bind def/N { stroke } bind def/M {newpath moveto} bind def/E {lineto} bind def/D {curveto} bind def/O {closepath} bind def /n FMLOCAL/L { /n exch def newpath normalize moveto 2 1 n {pop normalize lineto} for } bind def/Y { L closepath } bind def /x1 FMLOCAL /x2 FMLOCAL /y1 FMLOCAL /y2 FMLOCAL /rad FMLOCAL/R { /y2 exch def /x2 exch def /y1 exch def /x1 exch def x1 y1 x2 y1 x2 y2 x1 y2 4 Y } bind def/RR { /rad exch def normalize /y2 exch def /x2 exch def normalize /y1 exch def /x1 exch def newpath x1 y1 rad add moveto x1 y2 x2 y2 rad arcto x2 y2 x2 y1 rad arcto x2 y1 x1 y1 rad arcto x1 y1 x1 y2 rad arcto closepath 16 {pop} repeat } bind def/C { grestore gsave R clip } bind def /FMpointsize FMLOCAL/F { FMfonts exch get FMpointsize scalefont setfont } bind def/Q { /FMpointsize exch def F } bind def/T { moveto show } bind def/RF { rotate 0 ne {-1 1 scale} if } bind def/TF { gsave moveto RF show grestore } bind def/P { moveto 0 32 3 2 roll widthshow } bind def/PF { gsave moveto RF 0 32 3 2 roll widthshow grestore } bind def/S { moveto 0 exch ashow } bind def/SF { gsave moveto RF 0 exch ashow grestore } bind def/B { moveto 0 32 4 2 roll 0 exch awidthshow } bind def/BF { gsave moveto RF 0 32 4 2 roll 0 exch awidthshow grestore } bind def/G { gsave newpath normalize translate 0.0 0.0 moveto dnormalize scale 0.0 0.0 1.0 5 3 roll arc closepath fill grestore } bind def/A { gsave savematrix newpath 2 index 2 div add exch 3 index 2 div sub exch normalize 2 index 2 div sub exch 3 index 2 div add exch translate scale 0.0 0.0 1.0 5 3 roll arc restorematrix stroke grestore } bind def /x FMLOCAL /y FMLOCAL /w FMLOCAL /h FMLOCAL /xx FMLOCAL /yy FMLOCAL /ww FMLOCAL /hh FMLOCAL /FMsaveobject FMLOCAL /FMoptop FMLOCAL /FMdicttop FMLOCAL/BEGINPRINTCODE { /FMdicttop countdictstack 1 add def /FMoptop count 4 sub def /FMsaveobject save def userdict begin /showpage {} def FMNORMALIZEGRAPHICS 3 index neg 3 index neg translate } bind def/ENDPRINTCODE { count -1 FMoptop {pop pop} for countdictstack -1 FMdicttop {pop end} for FMsaveobject restore } bind def/gn { 0 { 46 mul cf read pop 32 sub dup 46 lt {exit} if 46 sub add } loop add } bind def /str FMLOCAL/cfs { /str sl string def 0 1 sl 1 sub {str exch val put} for str def } bind def/ic [ 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0223 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0223 0 {0 hx} {1 hx} {2 hx} {3 hx} {4 hx} {5 hx} {6 hx} {7 hx} {8 hx} {9 hx} {10 hx} {11 hx} {12 hx} {13 hx} {14 hx} {15 hx} {16 hx} {17 hx} {18 hx} {19 hx} {gn hx} {0} {1} {2} {3} {4} {5} {6} {7} {8} {9} {10} {11} {12} {13} {14} {15} {16} {17} {18} {19} {gn} {0 wh} {1 wh} {2 wh} {3 wh} {4 wh} {5 wh} {6 wh} {7 wh} {8 wh} {9 wh} {10 wh} {11 wh} {12 wh} {13 wh} {14 wh} {gn wh} {0 bl} {1 bl} {2 bl} {3 bl} {4 bl} {5 bl} {6 bl} {7 bl} {8 bl} {9 bl} {10 bl} {11 bl} {12 bl} {13 bl} {14 bl} {gn bl} {0 fl} {1 fl} {2 fl} {3 fl} {4 fl} {5 fl} {6 fl} {7 fl} {8 fl} {9 fl} {10 fl} {11 fl} {12 fl} {13 fl} {14 fl} {gn fl} ] def /sl FMLOCAL /val FMLOCAL /ws FMLOCAL /im FMLOCAL /bs FMLOCAL /cs FMLOCAL /len FMLOCAL /pos FMLOCAL/ms { /sl exch def /val 255 def /ws cfs /im cfs /val 0 def /bs cfs /cs cfs } bind def400 ms /ip { is 0 cf cs readline pop { ic exch get exec add } forall pop } bind def/wh { /len exch def /pos exch def ws 0 len getinterval im pos len getinterval copy pop pos len } bind def/bl { /len exch def /pos exch def bs 0 len getinterval im pos len getinterval copy pop pos len } bind def/s1 1 string def/fl { /len exch def /pos exch def /val cf s1 readhexstring pop 0 get def pos 1 pos len add 1 sub {im exch val put} for pos len } bind def/hx { 3 copy getinterval cf exch readhexstring pop pop } bind def /h FMLOCAL /w FMLOCAL /d FMLOCAL /lb FMLOCAL /bitmapsave FMLOCAL /is FMLOCAL /cf FMLOCAL/wbytes { dup 8 eq {pop} {1 eq {7 add 8 idiv} {3 add 4 idiv} ifelse} ifelse } bind def/BEGINBITMAPBWc { 1 {} COMMONBITMAPc } bind def/BEGINBITMAPGRAYc { 8 {} COMMONBITMAPc } bind def/BEGINBITMAP2BITc { 2 {} COMMONBITMAPc } bind def/COMMONBITMAPc { /r exch def /d exch def gsave translate rotate scale /h exch def /w exch def /lb w d wbytes def sl lb lt {lb ms} if /bitmapsave save def r /is im 0 lb getinterval def ws 0 lb getinterval is copy pop /cf currentfile def w h d [w 0 0 h neg 0 h] {ip} image bitmapsave restore grestore } bind def/BEGINBITMAPBW { 1 {} COMMONBITMAP } bind def/BEGINBITMAPGRAY { 8 {} COMMONBITMAP } bind def/BEGINBITMAP2BIT { 2 {} COMMONBITMAP } bind def/COMMONBITMAP { /r exch def /d exch def gsave translate rotate scale /h exch def /w exch def /bitmapsave save def r /is w d wbytes string def /cf currentfile def w h d [w 0 0 h neg 0 h] {cf is readhexstring pop} image bitmapsave restore grestore } bind def /proc1 FMLOCAL /proc2 FMLOCAL /newproc FMLOCAL/Fmcc { /proc2 exch cvlit def /proc1 exch cvlit def /newproc proc1 length proc2 length add array def newproc 0 proc1 putinterval newproc proc1 length proc2 putinterval newproc cvx} bind def/ngrayt 256 array def/nredt 256 array def/nbluet 256 array def/ngreent 256 array def /gryt FMLOCAL /blut FMLOCAL /grnt FMLOCAL /redt FMLOCAL /indx FMLOCAL /cynu FMLOCAL /magu FMLOCAL /yelu FMLOCAL /k FMLOCAL /u FMLOCAL/colorsetup { currentcolortransfer /gryt exch def /blut exch def /grnt exch def /redt exch def 0 1 255 { /indx exch def /cynu 1 red indx get 255 div sub def /magu 1 green indx get 255 div sub def /yelu 1 blue indx get 255 div sub def /k cynu magu min yelu min def /u k currentundercolorremoval exec def nredt indx 1 0 cynu u sub max sub redt exec put ngreent indx 1 0 magu u sub max sub grnt exec put nbluet indx 1 0 yelu u sub max sub blut exec put ngrayt indx 1 k currentblackgeneration exec sub gryt exec put } for {255 mul cvi nredt exch get} {255 mul cvi ngreent exch get} {255 mul cvi nbluet exch get} {255 mul cvi ngrayt exch get} setcolortransfer {pop 0} setundercolorremoval {} setblackgeneration } bind def /tran FMLOCAL/fakecolorsetup { /tran 256 string def 0 1 255 {/indx exch def tran indx red indx get 77 mul green indx get 151 mul blue indx get 28 mul add add 256 idiv put} for currenttransfer {255 mul cvi tran exch get 255.0 div} exch Fmcc settransfer} bind def/BITMAPCOLOR { /d 8 def gsave translate rotate scale /h exch def /w exch def /bitmapsave save def colorsetup /is w d wbytes string def /cf currentfile def w h d [w 0 0 h neg 0 h] {cf is readhexstring pop} {is} {is} true 3 colorimage bitmapsave restore grestore } bind def/BITMAPCOLORc { /d 8 def gsave translate rotate scale /h exch def /w exch def /lb w d wbytes def sl lb lt {lb ms} if /bitmapsave save def colorsetup /is im 0 lb getinterval def ws 0 lb getinterval is copy pop /cf currentfile def w h d [w 0 0 h neg 0 h] {ip} {is} {is} true 3 colorimage bitmapsave restore grestore } bind def/BITMAPTRUECOLORc { gsave translate rotate scale /h exch def /w exch def /bitmapsave save def /is w string def ws 0 w getinterval is copy pop /cf currentfile def w h 8 [w 0 0 h neg 0 h] {ip} {gip} {bip} true 3 colorimage bitmapsave restore grestore } bind def/BITMAPTRUECOLOR { gsave translate rotate scale /h exch def /w exch def /bitmapsave save def /is w string def /gis w string def /bis w string def /cf currentfile def w h 8 [w 0 0 h neg 0 h] { cf is readhexstring pop } { cf gis readhexstring pop } { cf bis readhexstring pop } true 3 colorimage bitmapsave restore grestore } bind def/BITMAPTRUEGRAYc { gsave translate rotate scale /h exch def /w exch def /bitmapsave save def /is w string def ws 0 w getinterval is copy pop /cf currentfile def w h 8 [w 0 0 h neg 0 h] {ip gip bip w gray} image bitmapsave restore grestore } bind def/ww FMLOCAL/r FMLOCAL/g FMLOCAL/b FMLOCAL/i FMLOCAL/gray { /ww exch def /b exch def /g exch def /r exch def 0 1 ww 1 sub { /i exch def r i get .299 mul g i get .587 mul b i get .114 mul add add r i 3 -1 roll floor cvi put } for r } bind def/BITMAPTRUEGRAY { gsave translate rotate scale /h exch def /w exch def /bitmapsave save def /is w string def /gis w string def /bis w string def /cf currentfile def w h 8 [w 0 0 h neg 0 h] { cf is readhexstring pop cf gis readhexstring pop cf bis readhexstring pop w gray} image bitmapsave restore grestore } bind def/BITMAPGRAY { 8 {fakecolorsetup} COMMONBITMAP } bind def/BITMAPGRAYc { 8 {fakecolorsetup} COMMONBITMAPc } bind def/ENDBITMAP { } bind defend /ALDsave FMLOCAL /ALDmatrix matrix def ALDmatrix currentmatrix pop/StartALD { /ALDsave save def savematrix ALDmatrix setmatrix } bind def/InALD { restorematrix } bind def/DoneALD { ALDsave restore } bind def%%EndProlog%%BeginSetup(3.0) FMVERSION1 1 612 792 0 1 11 FMDOCUMENT0 0 /Times-Roman FMFONTDEFINE1 0 /Times-Bold FMFONTDEFINE2 0 /Times-Italic FMFONTDEFINE3 1 /Symbol FMFONTDEFINE4 0 /Times-BoldItalic FMFONTDEFINE32 FMFILLS0 0 FMFILL1 0.1 FMFILL2 0.3 FMFILL3 0.5 FMFILL4 0.7 FMFILL5 0.9 FMFILL6 0.97 FMFILL7 1 FMFILL8 FMFILL9 FMFILL10 FMFILL11 FMFILL12 FMFILL13 FMFILL14 FMFILL16 1 FMFILL17 0.9 FMFILL18 0.7 FMFILL19 0.5 FMFILL20 0.3 FMFILL21 0.1 FMFILL22 0.03 FMFILL23 0 FMFILL24 FMFILL25 FMFILL26 FMFILL27 FMFILL28 FMFILL29 FMFILL30 FMFILL%%EndSetup%%Page: "1" 1%%BeginPaperSize: Letter%%EndPaperSize612 792 0 FMBEGINPAGE108 746 540 756 R7 X0 KV108 32.67 540 42.67 RV0 12 Q0 X(Page 1 of 9) 485.71 36 T108 72 540 720 R7 XV1 18 Q0 X(Pr) 209.74 708 T(oactive Password Checking) 228.39 708 T2 12 Q(Matt Bishop) 294.51 676 T0 F(Department of Mathematics and Computer Science) 200.92 656 T(Dartmouth College) 277.86 642 T(Hanover) 275.45 628 T(, NH 03755) 316.26 628 T2 F(ABSTRACT) 295.68 602 T0 F-0.41 (This paper presents generic requirements for proactive password changer) 144 582 P-0.41 (. It) 491.09 582 P0.24 (then examines two of the most popular) 144 568 P0.24 (, publicly-available programs to see) 331.5 568 P1.16 (how well they meet the requirements. Future directions are examined, as) 144 554 P(well as alternatives to such checkers.) 144 540 T1 F(1. Intr) 108 514 T(oduction) 140.43 514 T0 F0.96 (The problems inherent in allowing users to choose passwords without restriction) 144 490 P0.9 (have been widely discussed [4][6]; countermeasures include random generation of pass-) 108 476 P-0.42 (words [8] and techniques to test the strength of the proposed password the user selects. The) 108 462 P-0.33 (latter falls into two classes: reactive password checking, in which the password is reset and) 108 448 P-0.21 (later tested, and proactive password checking, in which the proposed password is \336rst test-) 108 434 P0.35 (ed and then made the password. The manner of testing is independent of class. Either the) 108 420 P-0.65 (password is transformed into the form in which it will be stored and a program that attempts) 108 406 P-0.05 (to guess the password \050a password cracker\051 is invoked, or the password is analyzed before) 108 392 P(it is transformed.) 108 378 T-0.47 (On computers running some version of the) 144 360 P0 10 Q-0.39 (UNIX) 348.92 360 P0 12 Q-0.47 (\252 operating system, reactive pass-) 373.9 360 P0.74 (word checking requires the former method, as the password is stored as a non-invertible) 108 346 P0.58 (hash; hence analyzing the structure of the password requires determining what that pass-) 108 332 P-0.41 (word is, and if this can be guessed by a program, an attacker can probably guess it too. Pro-) 108 318 P-0.17 (active password checking allows a combination of either testing method, although the pre-) 108 304 P(transformation analysis is probably more prevalent.) 108 290 T-0.31 ( This paper discusses the requirements for an ef) 144 272 P-0.31 (fective proactive password) 369.76 272 P2 F-0.31 (checker) 500.37 272 P0 F-0.31 (.) 537 272 P-0.22 (W) 108 258 P-0.22 (e limit ourselves to the testing of the password, because those requirements will be inde-) 118.36 258 P0.06 (pendent of the system on which the checker runs. That portion of the program which does) 108 244 P0.77 (the actual altering of the password, which we shall call the) 108 230 P2 F0.77 (changer) 400.27 230 P0 F0.77 (, depends heavily on) 439.09 230 P1.2 (system-speci\336c information and custom \050for example, allowing the superuser to change) 108 216 P-0.17 (anyone\325) 108 202 P-0.17 (s password without validation is customary in non-secure versions of the) 145.97 202 P0 10 Q-0.14 (UNIX) 496.21 202 P0 12 Q-0.17 ( op-) 521.18 202 P0.4 (erating system, but one can easily design a password changer which does not allow this\051.) 108 188 P0.25 (For the purposes of this discussion, we shall assume that the user) 108 174 P0.25 (\325) 422.99 174 P0.25 (s password is somehow) 426.32 174 P1.2 (obtained and given to the password checker) 108 160 P1.2 (, along with other relevant information; our) 324.58 160 P-0.73 (concern is what should be looked for to determine how easily the password may be guessed.) 108 146 P108 72 540 720 C108 72 540 135 C108 72 540 126 R7 X0 KV0 10 Q0 X(The support of a Dartmouth Fellowship, and of grant NAG 2-628 from the National Aeronautics and Space) 108 118 T(Administration to Dartmouth College, are gratefully acknowledged. Portions of this work were done while) 108 104 T(the author was visiting the University of California at Davis, CA.) 108 90 T(UNIX is a Registered T) 108 77.33 T(rademark of A) 202.58 77.33 T(T&T Bell Laboratories.) 259.75 77.33 T108 135 261 135 2 L7 XV0.5 H2 Z0 XN108 72 540 720 C0 0 612 792 CFMENDPAGE%%EndPage: "1" 2%%Page: "2" 2612 792 0 FMBEGINPAGE108 746 540 756 R7 X0 KV108 32.67 540 42.67 RV0 12 Q0 X(Page 2 of 9) 485.71 36 T108 72 540 720 R7 XV1 F0 X(2. Analysis and Requir) 108 712 T(ements) 224.41 712 T0 F-0.42 (Let us \336rst outline the problem of easily guessed passwords. Let) 144 688 P2 F-0.42 (P) 450.51 688 P0 F-0.42 ( be a set of words) 457.84 688 P0.24 (from which a password) 108 674 P2 F0.24 (p) 224.2 674 P0 F0.24 ( is to be selected. Let) 230.2 674 P2 F0.24 (p\325) 335.89 674 P0 F0.24 ( be a guess for this password. Assume it) 345.88 674 P0 (takes a constant amount of time) 108 660 P0 ( to determine if this is correct. Let) 310.82 660 P2 F0 (G) 477.05 660 P0 F0 ( be the ran-) 485.71 660 P0.5 (dom variable representing the password, and let) 108 646 P2 F0.5 (H) 343.99 646 P0 F0.5 ( be the random variable corresponding) 352.65 646 P-0.56 (to the time to guess the password. Then, assuming the distribution function of) 108 632 P2 F-0.56 (G) 476.82 632 P0 F-0.56 ( is uniform,) 485.48 632 P(the expected time to guess a password is:) 108 618 T(assuming no prior knowledge of the function used to do the authentication) 108 528 T0 10 Q(1) 464.77 532.8 T0 12 Q(.) 469.77 528 T0.02 (For any distribution function of) 144 510 P2 F0.02 (G) 298.35 510 P0 F0.02 (, we shall call a password) 307.01 510 P2 F0.02 (easily guessable) 432.7 510 P0 F0.02 ( when) 511 510 P0.43 (; that is, when the distribution function of) 159.92 496 P2 F0.43 (G) 365.6 496 P0 F0.43 ( makes it signi\336cantly more likely) 374.26 496 P-0.65 (that a password will be guessed, than if the distribution function of) 108 482 P2 F-0.65 (G) 423.69 482 P0 F-0.65 ( were uniform. \050In oth-) 432.35 482 P0.02 (er words, the distribution of passwords is skewed to such a degree that it is easier to guess) 108 468 P-0.62 (a password than if there were no skew) 108 454 P-0.62 (.\051 The parameter) 286.42 454 P2 F-0.62 (k) 367.16 454 P0 F-0.62 ( controls the degree of skewing that) 372.49 454 P-0.16 (is considered acceptable, and depends as much on the site requirements as the set of possi-) 108 440 P0.49 (ble passwords. If) 108 426 P0.49 (, for example, the set of legal passwords is unsatisfactory because) 219.99 426 P(they all can be easily guessed. In what follows, we assume that) 108 412 T2 F(A) 413.11 412 T0 F( is very lar) 420.44 412 T(ge.) 471.18 412 T-0.1 (Let) 144 394 P2 F-0.1 (s) 162.88 394 P0 F-0.1 ( be the function used to select a password from the set) 167.55 394 P2 F-0.1 (P) 428.82 394 P0 F-0.1 (; for example,) 436.14 394 P2 F-0.1 (s) 505.79 394 P0 F-0.1 ( could) 510.45 394 P-0.19 (be equally likely to select any element of) 108 380 P2 F-0.19 (P) 306.36 380 P0 F-0.19 ( \050in which case the computer would be generat-) 313.68 380 P-0.42 (ing random passwords\051, or) 108 366 P2 F-0.42 (s) 237.24 366 P0 F-0.42 ( could allow the user to control selection \050which is what we are) 241.9 366 P-0.31 (considering\051. This selection function induces a probability distribution upon elements of) 108 352 P2 F-0.31 (P) 531.01 352 P0 F-0.31 (.) 537 352 P1.17 (W) 108 338 P1.17 (ith the \336rst \050random\051 selection function, this distribution is uniform; with the second,) 118.84 338 P-0.39 (tests have indicated that the distribution is highly skewed. Hence by appropriately ordering) 108 324 P0.24 (the elements of) 108 310 P2 F0.24 (P) 185.01 310 P0 F0.24 (, one can substantially decrease the expected time to guess a password \320) 191.01 310 P-0.46 (often to the point where a password chosen from a subset of) 108 296 P2 F-0.46 (P) 393.55 296 P0 F-0.46 ( could be guessed in less than) 400.88 296 P(time) 108 282 T2 F(kA) 132.32 282 T0 F(.) 144.98 282 T0.21 (T) 144 264 P0.21 (wo approaches can reduce or eliminate the skew) 150.49 264 P0.21 (. The \336rst is to change the selec-) 383.31 264 P0.16 (tion function to force a probability distribution that has some known, desired distribution;) 108 250 P0.22 (generation of passwords using a uniform random number generator does this. The second) 108 236 P0.57 (is to arti\336cially delete from) 108 222 P2 F0.57 (P) 244.42 222 P0 F0.57 ( those elements creating the skew; in other words, disallow) 251.75 222 P0.31 (passwords which have a high probability of being selected. This induces a more uniform,) 108 208 P1.02 (and hence more desirable, distribution. This is what proactive password checking is de-) 108 194 P(signed to do.) 108 180 T0.75 (W) 144 162 P0.75 (e should note that this analysis highlights a fundamental problems of proactive) 154.36 162 P-0.5 (password checking. W) 108 148 P-0.5 (ere the checker to be overly restrictive in its de\336nition of \322high prob-) 214.95 148 P-0.19 (ability\323, it could eliminate so many potential passwords that any of the remainder could be) 108 134 P108 108 540 117 C108 108 540 117 R7 X0 KV108 117 261 117 2 LV0.5 H2 Z0 XN0 0 612 792 C0 10 Q0 X0 K(1.) 108 101.33 T0.41 (For example, if it is known that one potential password is correct if and only if another is correct,) 126 101.33 P0 (there is no need to test the \336rst once the second is tested; this would alter the above equation some-) 126 89.33 P(what.) 126 77.33 T263.24 655.01 310.82 669.2 C2 12 Q0 X0 K(T) 264.24 660 T(t) 289.5 660 T(p) 296.83 660 T0 F(') 303.32 660 T3 F(\050) 292.83 660 T(\051) 305.82 660 T(=) 276.91 660 T0 0 612 792 C108 72 540 720 C108 542 540 614 C2 12 Q0 X0 K(A) 257.29 575.5 T(E) 277.21 575.5 T3 F(\272) 267.62 575.5 T2 F(H) 288.53 575.5 T3 F(\050) 284.53 575.5 T(\051) 297.19 575.5 T2 F(T) 342.75 575.5 T2 9 Q(i) 321.8 561.21 T0 F(1) 335.23 561.21 T3 F(=) 327.29 561.21 T2 F(P) 322.77 590.28 T0 F(2) 337.26 590.28 T3 F(\244) 333.51 590.28 T3 18 Q(\345) 324.35 572.3 T2 12 Q(T) 368 575.5 T(P) 379.38 582.56 T0 F(2) 380.04 567.91 T3 F(=) 307.18 575.5 T(=) 355.42 575.5 T320.77 589.43 320.77 596.42 2 L0.33 H0 ZN329.26 589.43 329.26 596.42 2 LN377.38 581.09 377.38 590.76 2 LN387.71 581.09 387.71 590.76 2 LN376.38 578.09 389.46 578.09 2 LN108 72 540 720 C0 0 612 792 C108 491.01 159.92 505.2 C2 12 Q0 X0 K(E) 109 496 T(H) 120.32 496 T3 F(\050) 116.33 496 T(\051) 128.98 496 T2 F(k) 145.56 496 T(A) 151.59 496 T3 F(\243) 135.98 496 T0 0 612 792 C194.08 422.4 219.98 435.2 C2 12 Q0 X0 K(k) 195.08 426 T0 F(1) 212.99 426 T3 F(\263) 203.4 426 T0 0 612 792 CFMENDPAGE%%EndPage: "2" 3%%Page: "3" 3612 792 0 FMBEGINPAGE108 746 540 756 R7 X0 KV108 32.67 540 42.67 RV0 12 Q0 X(Page 3 of 9) 485.71 36 T108 72 540 720 R7 XV0 X-0.12 (guessed quickly) 108 712 P-0.12 (. Hence some care must be applied in selecting which passwords are unac-) 184.05 712 P(ceptably easy to guess.) 108 698 T0.37 (T) 144 680 P0.37 (urning from the mathematics to the engineering aspect, certain facilities must be) 150.91 680 P-0.18 (present to provide the degree of \337exibility in the tests that will eliminate passwords as eas-) 108 666 P-0.13 (ily guessed. Previous studies, notably [4] and [6], have described common classes of pass-) 108 652 P0.05 (words found experimentally and what types of passwords should be avoided \050see table 1\051;) 108 638 P-0.03 (in addition, speci\336c words or character sequences may be meaningful to particular sites or) 108 360 P-0.22 (users and hence good guesses for attackers. These considerations suggest the following re-) 108 346 P(quirements for a proactive test mechanism:) 108 332 T(1.) 108 314 T0.11 (the test mechanisms should be invoked on every proposed password, and no proposed) 126 314 P(password failing tests should be allowed to become a password;) 126 300 T(2.) 108 282 T-0.67 (the test mechanism must be able to reject any password in a class of common passwords) 126 282 P(\050the classes being known from the literature or from experience\051) 126 268 T(3.) 108 250 T0.46 (the tests must allow per) 126 250 P0.46 (-user discrimination \050that is, a password may be unacceptable) 240.87 250 P(for one user but acceptable for another\051;) 126 236 T(4.) 108 218 T(the tests must allow per) 126 218 T(-site discrimination; and) 239.03 218 T(5.) 108 200 T0.71 (the tests must allow some form of aging, so that passwords cannot be re-used within) 126 200 P-0.59 (\322too short\323 a period of time \050\322too short\323 being determined by the system administrator\051.) 126 186 P1.13 (From these, we can glean additional recommendations for proactive password checking) 108 168 P(programs:) 108 154 T(6.) 108 136 T(setting up the tests must be straightforward, because complexity breeds errors.) 126 136 T(7.) 108 118 T0.58 (do not require all potential passwords to be in dictionaries; creating a comprehensive) 126 118 P-0.15 (dictionary may take a considerable amount of time and space, and will still not include) 126 104 P-0.23 (enough passwords. This suggests some form of pattern matching would be very appro-) 126 90 P(priate.) 126 76 T1 F(T) 254.42 614 T(able 1: Passwords T) 261.32 614 T(o Be A) 362.5 614 T(voided) 395.59 614 T0 F(transformations of user) 114 590 T(\325) 225.7 590 T(s account name) 229.03 590 T(transformations based on user) 348 590 T(\325) 492.01 590 T(s real name) 495.34 590 T(words in a dictionary \050English and foreign) 114 568 T(words, male and female names, etc.\051) 114 554 T(words which match a dictionary word if all) 348 568 T(capital letters are made lower) 348 554 T(-case) 488.97 554 T(a word with a character turned into a digit or) 114 532 T(control character \050) 114 518 T2 F(eg) 201.91 518 T0 F(., \324s\325 to \3245\325 or \324a\325 to \324^A) 213.23 518 T(\325\051) 325.77 518 T(conjugations, participles, plurals, and/or pos-) 348 532 T(sessives of words in dictionaries) 348 518 T(appending or prepending numbers) 114 496 T(keyboard patterns \050) 348 496 T2 F(eg) 440.59 496 T0 F(., \324qwerty\325 or \324zxcvb\325\051) 451.91 496 T(reversed words in a dictionary) 114 474 T(reversed words which match a dictionary) 348 474 T(word if all capital letters are made lower) 348 460 T(-case) 541.93 460 T(short passwords) 114 438 T(alphabetic-only or monocase passwords) 348 438 T(numeric passwords \050like Social Security num-) 114 416 T(bers or telephone numbers\051) 114 402 T(license plates \050not just of one state\051) 348 416 T108 603.75 108 394.25 2 LV0.5 H0 ZN342 604.25 342 393.75 2 LVN576 603.75 576 394.25 2 LVN107.75 604 576.25 604 2 LVN107.75 582 576.25 582 2 LVN107.75 546 576.25 546 2 LVN107.75 510 576.25 510 2 LVN107.75 488 576.25 488 2 LVN107.75 452 576.25 452 2 LVN107.75 430 576.25 430 2 LVN107.75 394 576.25 394 2 LVNFMENDPAGE%%EndPage: "3" 4%%Page: "4" 4612 792 0 FMBEGINPAGE108 746 540 756 R7 X0 KV108 32.67 540 42.67 RV0 12 Q0 X(Page 4 of 9) 485.71 36 T108 72 540 720 R7 XV0 X(8.) 108 712 T-0.25 (do allow the proposed password to be run through a program, and act based on the out-) 126 712 P0.75 (put \050or lack of output\051 of that program. This allows a password cracker to be used if) 126 698 P-0.31 (desired; it also allows programs such as the spelling checker to determine if a proposed) 126 684 P(password is a word.) 126 670 T0.46 ( Finally) 144 652 P0.46 (, the issue of user friendliness must be addressed. By the principle of psy-) 180.66 652 P0.01 (chological acceptability [1) 108 638 P0.01 (1], the proactive password checker must not make changing the) 234.81 638 P-0.43 (password more dif) 108 624 P-0.43 (\336cult than changing the password without using the checker) 196.19 624 P-0.43 (. This means) 479.9 624 P-0.38 (that if the checker rejects a password, it should explain exactly why the proposed password) 108 610 P-0.35 (is unsuitable, so that the user can learn how to pick an acceptable password. If this happens) 108 596 P-0.44 (with too many potential passwords, the system administrator should check that the tests are) 108 582 P(not overly restrictive, and eliminating too many potential passwords.) 108 568 T1 F(3. A Comparison of Some Pr) 108 542 T(oactive Password Checkers) 254.36 542 T0 F1.42 (In this section, we compare several proactive password checkers to the require-) 144 518 P1.39 (ments and recommendations above. W) 108 504 P1.39 (e con\336ne our comparison solely to the password) 298.79 504 P-0.13 (checking part of the program, and not to the password changing part. The criteria for com-) 108 490 P-0.19 (parison are the eight recommendations above. W) 108 476 P-0.19 (e shall not examine psychological accept-) 340.75 476 P2.56 (ability) 108 462 P2.56 (, because that is more closely related to external in\337uences such as the user) 137.88 462 P2.56 (\325) 532 462 P2.56 (s) 535.33 462 P(environment; we want to look at the proactive testing mechanisms only) 108 448 T(.) 449.67 448 T1 F(3.1. The 4.3 BSD UNIX System Password Changing Pr) 108 422 T(ogram) 387.3 422 T4 F(passwd) 423.61 422 T0 F1.63 (This program [14] is similar to the password changing programs distributed by) 144 398 P0.53 (many vendors, so we use it as an example. Its proactive checking is con\336ned to advising) 108 384 P1.04 (users that passwords should be at least 5 characters long, or at least 6 if they consist of) 108 370 P-0.08 (monocase letters. The error message asks the user to use a longer password; but if the user) 108 356 P(insists \050by entering the password 3 times\051, these requirements are waived.) 108 342 T-0.05 (This program fails to meet almost all of the requirements, except for number 7 and) 144 324 P0.95 (a very small part of number 2. The mechanism allows passwords that fail its tests to be) 108 310 P-0.4 (used; it assumes the same criteria for good passwords hold across all users and sites; no ag-) 108 296 P-0.67 (ing is performed; as the tests are coded into the program, modifying them requires rewriting) 108 282 P-0.34 (the program; and the tests cannot involve running the password through a subprogram. Re-) 108 268 P0.43 (quirement 7 \050that all potential passwords not be listed in dictionaries\051 is met, because the) 108 254 P-0.58 (test involves only character types and lengths; and as these are classes of passwords that are) 108 240 P(common, a small subset of requirement 2 is met.) 108 226 T0.29 ( It should be noted that on other) 144 208 P0 10 Q0.24 (UNIX) 302.2 208 P0 12 Q0.29 ( systems \050such as those based on System V\051) 327.17 208 P0.56 ([13], password aging mechanisms are provided. However) 108 194 P0.56 (, the other requirements are not) 387.32 194 P(met.) 108 180 T1 F(3.2. An Obvious Password Detector) 108 154 T0 F-0.21 ( This program [7] works by detecting probable English words based on the number) 144 130 P0.33 (of occurrences of common triples. For example, in the word \322hello\323, three triples occur \320) 108 116 P0.98 (\322hel\323, \322ell\323, and \322llo\323. Given a list of words, one can build a three-dimensional table in) 108 102 P0.29 (which all triples occurring in the words in the list are marked in the table. Other common) 108 88 PFMENDPAGE%%EndPage: "4" 5%%Page: "5" 5612 792 0 FMBEGINPAGE108 746 540 756 R7 X0 KV108 32.67 540 42.67 RV0 12 Q0 X(Page 5 of 9) 485.71 36 T108 72 540 720 R7 XV0 X1 (triples, such as letters being repeated 3 times, are also entered. The triples are extracted) 108 712 P-0.26 (from a proposed password and looked up; if most, or all, are found marked in the table, the) 108 698 P(password is an English word and is too easy to guess.) 108 684 T-0.47 (This software is distributed as a program into which the password is entered; output) 144 666 P0.29 (is a message saying the password is too obvious, too short, or acceptable. Because it is to) 108 652 P-0.33 (be used with a password changer) 108 638 P-0.33 (, meeting requirement 1 depends on how it is mer) 264.06 638 P-0.33 (ged with) 498.69 638 P(that program.) 108 624 T0.38 ( This checker is a major improvement to the standard) 144 606 P0 10 Q0.32 (UNIX) 406.29 606 P0 12 Q0.38 ( system password pro-) 431.27 606 P-0.62 (grams. It allows detection of common English words, and provides a mechanism for detect-) 108 592 P3.3 (ing strings that are too similar to English words. For example, it rejects \322waters\323,) 108 578 P0.18 (\322watering\323, and \322bananna\323, none of which are in the standard) 108 564 P0 10 Q0.15 (UNIX) 408.21 564 P0 12 Q0.18 ( system dictionary but) 433.18 564 P1.06 (all of which would be considered \322easily guessable\323. More precisely) 108 550 P1.06 (, as distributed, the) 445.86 550 P-0.74 (program does not distinguish between upper and lower case letters, and treats any non-letter) 108 536 P-0.13 (as the same \050non-alphabetic\051 character) 108 522 P-0.13 (. The table was built from the system dictionary and) 291.32 522 P0.67 (a set of \322obvious\323 patterns \050such as \322qwerty\323\051. Hence of the 14 classes in table 1, it will) 108 508 P0.19 (reject words in at least 8, and possibly 10 \050the uncertain classes being the transformations) 108 494 P(of user account and real names\051.) 108 480 T0.02 (The requirement that the passwords to be rejected be entered in, or very similar to,) 144 462 P0 (words in the precompiled dictionaries is the major drawback of this scheme. For example,) 108 448 P-0.41 (the string \322Beijing\323 would be considered non-obvious to this scheme unless it had been en-) 108 434 P0.35 (tered in a dictionary) 108 420 P0.35 (. Further) 204.53 420 P0.35 (, common classes involving a transformation will often pass;) 245.71 420 P-0.64 (for example, \322bishop\323 is deemed too obvious, but \322pohsib\323 is deemed acceptable. \050The spe-) 108 406 P0.38 (ci\336c classes in table 1 that will be accepted are words with embedded digits, revered dic-) 108 392 P1.11 (tionary words, foreign words, or non-numeric license plates.\051 So the distributed table is) 108 378 P0.97 (clearly inadequate, and unless considerable care is spent in developing a new table, this) 108 364 P(scheme will not catch all of the classes of obvious passwords.) 108 350 T-0.56 (Requirements 3 and 4 are not met by the scheme, as distributed; however) 144 332 P-0.56 (, with min-) 488.15 332 P0.3 (imal extra work, the software could be altered to allow a separate table for each user) 108 318 P0.3 (, and) 516.38 318 P(one for the site, to be loaded. This speaks to the robustness of the concept.) 108 304 T1.15 (Requirement 5 \050aging\051 is not met, although by using an adaptive table \050one into) 144 286 P(which the triples of past passwords were entered\051 it could be.) 108 272 T0.71 (None of requirements 6 through 8 are met, because the tests are tied to the table.) 144 254 P-0.21 (This program speci\336es two types of tests: is the word in a dictionary) 108 240 P-0.21 (, or likely to be related) 432.47 240 P0.35 (to one in a dictionary; and is it too short \050or too long\051? The nature of the mechanism pre-) 108 226 P(cludes being able to meet these requirements.) 108 212 T0.04 (T) 144 194 P0.04 (o be fair) 150.49 194 P0.04 (, we should note that the stated purpose of this proactive mechanism was) 190.06 194 P0.22 (to eliminate those passwords which were probably English words, and the algorithm cho-) 108 180 P-0.52 (sen is suited to that purpose speci\336cally) 108 166 P-0.52 (. This package was not intended to be used as a gen-) 294.62 166 P(eral-purpose proactive mechanism.) 108 152 T1 F(3.3. The OPUS Pr) 108 126 T(oject) 199.4 126 T0 F-0.5 (This project [12] is similar to the Obvious Password Detector in purpose; the dif) 144 102 P-0.5 (fer-) 522.69 102 P0.94 (ence is that the implementation of OPUS uses multiple Bloom \336lters rather than triples.) 108 88 PFMENDPAGE%%EndPage: "5" 6%%Page: "6" 6612 792 0 FMBEGINPAGE108 746 540 756 R7 X0 KV108 32.67 540 42.67 RV0 12 Q0 X(Page 6 of 9) 485.71 36 T108 72 540 720 R7 XV0 X-0.28 (When a word is given to OPUS, it is \336rst transformed into a hashed form. This hash is then) 108 712 P-0.25 (run through a series of \336lters each of which generates an integer output. The set of integers) 108 698 P-0.09 (is then compared to a list of precomputed \336lter outputs; if the computed output is identical) 108 684 P0.17 (to any of the precomputed outputs, the word is rejected. The precomputed outputs are ob-) 108 670 P1.38 (tained by running words deemed unsuitable for passwords through the same \336lters. By) 108 656 P-0.71 (varying the number of bits in the bit vectors, and the number of hash functions, one can con-) 108 642 P0.28 (trol the probability of a false positive \050that is, the number of proposed passwords rejected) 108 628 P(even though they are not in the dictionary\051.) 108 614 T-0.62 (OPUS and the Obvious Password Detector meet, and do not meet, the same require-) 144 596 P-0.14 (ments; they are simply dif) 108 582 P-0.14 (ferent ways of detecting words in a dictionary) 232.5 582 P-0.14 (. \050The goal of both) 450.94 582 P-0.61 (mechanisms is similar) 108 568 P-0.61 (, OPUS being intended to catch obvious passwords which are not En-) 212.91 568 P0.72 (glish words as well as English words.\051 Like the Obvious Password Detector) 108 554 P0.72 (, it has good) 479.2 554 P-0.2 (potential provided it is made more \337exible. But currently) 108 540 P-0.2 (, unless considerable care is spent) 379.12 540 P0.86 (in developing the dictionary) 108 526 P0.86 (, OPUS may well miss some of the classes of obvious pass-) 244.71 526 P-0.29 (words, and unless the sets of \336lter outputs are changed on a per) 108 512 P-0.29 (-user and per) 407.77 512 P-0.29 (-site basis, it is) 469.56 512 P(too in\337exible.) 108 498 T1 F(3.4. The Pr) 108 472 T(ogram) 164.42 472 T4 F(npasswd) 200.72 472 T0 F0.16 (This program [3] allows several types of tests for easily guessed passwords. Users) 144 448 P0.64 (may specify a set of dictionaries to be checked and a minimum length requirement; they) 108 434 P0.79 (may also ban passwords with single case characters. The program itself will reject pass-) 108 420 P-0.33 (words consisting of repeated characters, illegal characters \050which may be con\336gured at run) 108 406 P0.76 (time\051, several transformations of the user) 108 392 P0.76 (\325) 309.41 392 P0.76 (s personal information \050such as name or of) 312.75 392 P0.76 (\336ce) 522.68 392 P(building\051, and various per) 108 378 T(-site information such as the host name.) 231.68 378 T-0.55 (The functionality of this program is intended to be greater than that of the preceding) 144 360 P0.14 (two. It allows some per) 108 346 P0.14 (-user discrimination, and a great deal of per) 220.57 346 P0.14 (-site discrimination \050in) 430.45 346 P-0.47 (addition to building a site-speci\336c dictionary) 108 332 P-0.47 (, it will also test some system-speci\336c strings\051.) 319.74 332 P0.66 (By building appropriate dictionaries, the administrator can con\336gure it to reject any pro-) 108 318 P-0.21 (posed password in a class of easily guessed passwords. Furthermore, setting up the con\336g-) 108 304 P2.42 (uration \336le is very simple: one simply lists the dictionaries to be checked, and adds) 108 290 P-0.27 (appropriate keywords to perform the other tests \050such as length\051. So requirements 1, 3, 4, 5) 108 276 P0.63 (\050when run on a) 108 262 P0 10 Q0.52 (UNIX) 185.79 262 P0 12 Q0.63 ( system supporting password aging\051, and 6 are met. W) 210.77 262 P0.63 (ith respect to) 476.78 262 P(requirement 2, of the 14 classes in table 1, all can be detected with suitable dictionaries.) 108 248 T0.2 ( Requirements 7 and 8 are not met, and this is the major problem with) 144 230 P2 F0.2 (npasswd) 485.48 230 P0 F0.2 (: it) 526.8 230 P0.35 (does not allow for easy testing of variations of dictionary words. For example, \322water\323 is) 108 216 P0.23 (in most system dictionaries, but \322waters\323 is not. Hence, while \322W) 108 202 P0.23 (ater\323 would be rejected,) 424.76 202 P0.3 (\322W) 108 188 P0.3 (aters\323 would not. While this could be alleviated by a lar) 123.69 188 P0.3 (ger dictionary) 393.99 188 P0.3 (, many sites will) 460.46 188 P-0.34 (simply not have such a dictionary available. A similar comment holds for words consisting) 108 174 P0.48 (of digits only: as there is no pattern matching facility) 108 160 P0.48 (, any string of numbers of suf) 365.76 160 P0.48 (\336cient) 510.02 160 P-0.37 (length will be accepted as a password unless all such numbers are entered into a dictionary) 108 146 P-0.37 (.) 537 146 P(The failure to meet requirement 8 exacerbates this, as dictionaries must be stored either as) 108 132 T0.72 (word lists or as) 108 118 P0 10 Q0.6 (UNIX) 186.83 118 P0 12 Q0.72 (-style database \336les; they cannot be compressed without modifying) 211.8 118 P(the program.) 108 104 TFMENDPAGE%%EndPage: "6" 7%%Page: "7" 7612 792 0 FMBEGINPAGE108 746 540 756 R7 X0 KV108 32.67 540 42.67 RV0 12 Q0 X(Page 7 of 9) 485.71 36 T108 72 540 720 R7 XV1 F0 X(3.5. The Pr) 108 712 T(ogram) 164.42 712 T4 F(passwd+ \050beta\051) 200.72 712 T0 F-0.31 (This program has been available since 1987 [2] in alpha test form; like the standard) 144 688 P0 10 Q-0.33 (UNIX) 108 674 P0 12 Q-0.4 ( utility) 132.98 674 P2 F-0.4 (passwd) 166.85 674 P0 F-0.4 (, and the previously-mentioned) 202.17 674 P2 F-0.4 (npasswd) 352.82 674 P0 F-0.4 ( program, it is both a password) 394.13 674 P0.45 (changer and a password checker) 108 660 P0.45 (. The password test mechanisms cannot be overridden or) 264.3 660 P-0.12 (bypassed, so requirement 1 is met. It contains support for password aging when the under-) 108 646 P-0.11 (lying) 108 632 P0 10 Q-0.09 (UNIX) 135.54 632 P0 12 Q-0.11 ( system supports it, so requirement 5 is met to a degree. The remaining require-) 160.52 632 P(ments all relate to the nature of the testing, so let us focus on that.) 108 618 T-0.46 (What follows applies to the beta version, which has been recently completed. In ad-) 144 600 P-0.09 (dition to allowing dictionary tests, it allows tests to use pattern matching as well as to exe-) 108 586 P-0.52 (cute arbitrary programs and base rejection on the output. This enables it to reject passwords) 108 572 P0.27 (in any class that can be described using patterns or for which a program can be written to) 108 558 P-0.26 (detect membership, thereby satisfying requirements 7 and 8; as for requirement 2, all 14 of) 108 544 P-0.05 (the classes in table 1 can be described using either dictionaries, patterns, or programs. The) 108 530 P0.96 (con\336guration \336le uses variables which are set at each invocation, and include the user) 108 516 P0.96 (\325) 532 516 P0.96 (s) 535.33 516 P0.05 (name and host name \050set automatically\051 and can include any information the site adminis-) 108 502 P0.84 (trator wishes to provide. Hence it can perform both per) 108 488 P0.84 (-user and per) 379.15 488 P0.84 (-site discrimination,) 443.21 488 P0.22 (thereby satisfying requirements 3 and 4. Also, it can provide an aging facility in the same) 108 474 P0.67 (way that OPUS can be used to support aging: add the old password to a dictionary) 108 460 P0.67 (. This) 512.01 460 P0.2 (means requirement 5 can be met even if the underlying) 108 446 P0 10 Q0.17 (UNIX) 377.11 446 P0 12 Q0.2 ( system does not support ag-) 402.09 446 P-0.48 (ing. Requirement 6, that setting up the tests be straightforward, is partially met because set-) 108 432 P(ting up tests merely requires the system administrator adding them to a con\336guration \336le.) 108 418 T0.71 ( The reservations implicit in the previous sentence arise from the structure of the) 144 400 P-0.09 (little language used to express these tests. Because of the \337exibility of) 108 386 P2 F-0.09 (passwd+) 445.7 386 P0 F-0.09 (\325) 489.12 386 P-0.09 (s con\336gu-) 492.45 386 P0.31 (ration language, it allows more general proactive testing than the other four schemes. For) 108 372 P-0.37 (example, one can send the hashed password over the network to a password cracker) 108 358 P-0.37 (, which) 505.06 358 P-0.1 (will then reply with \3221\323 for \322guessable\323 and \3220\323 for \322not guessable\323 \050much as was done in) 108 344 P-0.14 (CRACK [10]\051. But with this power comes complexity) 108 330 P-0.14 (, and in some sense) 366.08 330 P2 F-0.14 (passwd+) 461.31 330 P0 F-0.14 ( suf) 504.73 330 P-0.14 (fers) 522.02 330 P-0.47 (from the inverse problem of) 108 316 P2 F-0.47 (npasswd) 243.2 316 P0 F-0.47 (: setting up the tests can be quite simple if the tests are) 284.51 316 P0.09 (simple, or quite complex if the tests are complex. So the interface for the system adminis-) 108 302 P-0.45 (trator can be dif) 108 288 P-0.45 (\336cult to use. \050The users, of course, do not see this complexity) 182.69 288 P-0.45 (.\051 On the other) 471.41 288 P(hand, when properly con\336gured, it catches all passwords in the suspect class.) 108 274 T1 F(4. Comparison of the Pr) 108 248 T(ograms) 230.71 248 T0 F-0.64 (The programs described in the previous section fall into two classes: the) 144 224 P2 F-0.64 (testing pr) 485.44 224 P-0.64 (o-) 530.01 224 P-0.25 (grams) 108 210 P0 F-0.25 ( which do not change passwords but merely test proposed passwords, and the) 137.98 210 P2 F-0.25 (pr) 508.47 210 P-0.25 (oac-) 518.69 210 P-0.18 (tive passwor) 108 196 P-0.18 (d pr) 167.68 196 P-0.18 (ograms) 186.71 196 P0 F-0.18 (, which change passwords as well as test proposed passwords. The) 222.7 196 P0.64 (two types are closely related, and two of the proactive password programs have separate) 108 182 P(password testing programs.) 108 168 T-0.16 (The two testing programs are both dictionary lookup programs. The Obvious Pass-) 144 150 P-0.67 (word Detector uses a statistical characteristic of the dictionary to eliminate words which are) 108 136 P-0.2 (likely to be in the dictionary; OPUS uses Bloom \336lters. Both these techniques are probabi-) 108 122 P1.23 (listic in nature and simply extend previous work \050see for example [5][9]\051; similar tech-) 108 108 P0.43 (niques can be used with proactive password programs, and in fact either system could be) 108 94 P(incorporated into such a program.) 108 80 TFMENDPAGE%%EndPage: "7" 8%%Page: "8" 8612 792 0 FMBEGINPAGE108 746 540 756 R7 X0 KV108 32.67 540 42.67 RV0 12 Q0 X(Page 8 of 9) 485.71 36 T108 72 540 720 R7 XV0 X-0.12 (Of the three proactive password programs described above, the standard) 144 712 P0 10 Q-0.1 (UNIX) 492.17 712 P0 12 Q-0.12 ( pro-) 517.14 712 P-0.4 (gram) 108 698 P2 F-0.4 (passwd) 135.24 698 P0 F-0.4 ( is clearly the weakest; this is not surprising, given the philosophy of the) 170.56 698 P0 10 Q-0.34 (UNIX) 515.02 698 P0 12 Q-0.57 (operating system. That philosophy says to have one program to perform one task; and) 108 684 P2 F-0.57 (pass-) 514.68 684 P0.09 (wd) 108 670 P0 F0.09 ( was originally intended to change the user) 122 670 P0.09 (\325) 328.6 670 P0.09 (s password. As the UNIX operating system) 331.93 670 P-0.05 (evolved, that philosophy was observed perhaps more in the breach than in the observance,) 108 656 P-0.1 (and) 108 642 P2 F-0.1 (passwd) 128.21 642 P0 F-0.1 ( was extended to change login shells, user information, to handle password ag-) 163.53 642 P0.51 (ing, and extended in other ways. Unfortunately) 108 628 P0.51 (, rigorous password checking was not one) 336.1 628 P(of them; the precise reasons for this are not clear) 108 614 T(.) 340.82 614 T0.76 (After the completion of a rather powerful password cracking program) 144 596 P2 F0.76 (deszip) 489.28 596 P0 F0.76 ( [1],) 519.26 596 P-0.38 (the author of that program decided to develop and distribute a countermeasure, so that sites) 108 582 P1.07 (which obtained) 108 568 P2 F1.07 (deszip) 186.76 568 P0 F1.07 ( would be able to insulate their system against attacks from other) 216.74 568 P-0.17 (password cracking programs. The original version of) 108 554 P2 F-0.17 (passwd+) 363.98 554 P0 F-0.17 ( was distributed with) 407.4 554 P2 F-0.17 (deszip) 510.02 554 P0 F-0.38 (as well as separately; it provided all the testing facilities present in the beta version, includ-) 108 540 P-0.34 (ing execution of subprograms and pattern matching tests as well as dictionary lookup tests.) 108 526 P0.19 (The complexity of the language used to express these tests, as well as some awkwardness) 108 512 P-0.34 (about the con\336guration \336le and the lack of extensibility in other areas \050for example, adding) 108 498 P0.06 (the ability to handle alternate password \336le formats was very dif) 108 484 P0.06 (\336cult\051 has led to the work) 416.8 484 P(on a beta test version.) 108 470 T1.7 (The program) 144 452 P2 F1.7 (npasswd) 212.68 452 P0 F1.7 ( was developed independently and has been considerably) 253.99 452 P0.52 (more polished than) 108 438 P2 F0.52 (passwd+) 204.51 438 P0 F0.52 (. Although it does not provide as powerful a set of tests, the) 247.92 438 P-0.09 (set it does provide are excellent, and con\336guration is very simple. For this reason, if a sys-) 108 424 P-0.07 (tem administrator does not have the time to learn the little language of) 108 410 P2 F-0.07 (passwd+) 447.16 410 P0 F-0.07 ( and is not) 490.58 410 P0.97 (happy with the sample con\336guration \336le,) 108 396 P2 F0.97 (npasswd) 313.38 396 P0 F0.97 ( is often a better choice. On the other) 354.7 396 P0.2 (hand,) 108 382 P2 F0.2 (passwd+) 137.51 382 P0 F0.2 ( clearly does provide the system administrator with a more comprehensive) 180.93 382 P(testing ability) 108 368 T(.) 172.86 368 T1 F(5. Conclusion) 108 342 T0 F-0.67 (In this paper we analyzed some of the requirements of proactive password checkers,) 144 318 P0.69 (and compared several checkers which either are available or are under development. W) 108 304 P0.69 (e) 534.67 304 P-0.5 (tested each by scoring their abilities to meet speci\336c criteria derived from the problems that) 108 290 P-0.29 (proactive password checking is supposed to overcome. Our goal was to shed some light on) 108 276 P-0.72 (the requirements the testing component of the proactive password checker should meet, and) 108 262 P-0.69 (give examples of programs which attempted to implement some, or all of, the requirements.) 108 248 P1 F(6. Refer) 108 222 T(ences) 148.41 222 T0 F([1]) 108 198 T-0.24 (Bishop, M., \322An Application of a Fast Data Encryption Standard Implementation,\323) 144 198 P2 F(Computing Systems) 144 184 T1 F(1) 241.28 184 T0 F(\0503\051 \050Summer 1988\051 pp. 221-256.) 247.27 184 T([2]) 108 166 T0.99 (Bishop, M., \322A Proactive Password Checker) 144 166 P0.99 (,\323 in) 362.3 166 P2 F0.99 (Information Security: Pr) 387.92 166 P0.99 (oceed-) 508.04 166 P0.56 (ings of the IFIP TC1) 144 152 P0.56 (1 Seventh International Confer) 244.62 152 P0.56 (ence on Information Security:) 394.77 152 P1.74 (Cr) 144 138 P1.74 (eating Con\336dence in Information Pr) 156.22 138 P1.74 (ocessing) 337.29 138 P0 F1.74 (, D. T) 378.6 138 P1.74 (. Lindsay and W) 409.17 138 P1.74 (. L. Price) 492.56 138 P(\050eds.\051, North-Holland, New Y) 144 124 T(ork, NY \0501991\051 pp. 169-180.) 286.69 124 T([3]) 108 106 T0.3 (Hoover) 144 106 P0.3 (, C.,) 179.49 106 P2 F0.3 (npasswd version 1.7) 203.07 106 P0 F0.3 ( \050Jan. 28, 1992\051. A) 301.28 106 P0.3 (vailable from ftp.cc.utexas.edu) 391.19 106 P(using anonymous ftp.) 144 92 TFMENDPAGE%%EndPage: "8" 9%%Page: "9" 9612 792 0 FMBEGINPAGE108 746 540 756 R7 X0 KV108 32.67 540 42.67 RV0 12 Q0 X(Page 9 of 9) 485.71 36 T108 72 540 720 R7 XV0 X([4]) 108 712 T-0.35 (Klein, D. V) 144 712 P-0.35 (., \322\322Foiling the Cracker\323: A Survey Of, and Improvements to, Password) 197.72 712 P(Security) 144 698 T(,\323) 183.19 698 T2 F(Pr) 194.52 698 T(oceedings of the UNIX Security W) 206.07 698 T(orkshop II) 369.18 698 T0 F( \050Aug. 1990\051 pp. 5-14.) 418.8 698 T([5]) 108 680 T-0.03 (McIlroy) 144 680 P-0.03 (, M. D., \322Development of a Spelling List,\323) 182.52 680 P2 F-0.03 (IEEE T) 389.83 680 P-0.03 (ransactions on Commu-) 424.79 680 P(nications) 144 666 T1 F(COM-30) 190.98 666 T0 F(\0501\051 \050Jan. 1982\051 pp. 91-99.) 236.28 666 T([6]) 108 648 T-0.2 (Morris, R., and Thompson, K., \322Password Security: A Case History) 144 648 P-0.2 (,\323) 466.92 648 P2 F-0.2 (Communica-) 478.04 648 P(tions of the ACM) 144 634 T1 F(22) 228.62 634 T0 F(\0501) 240.62 634 T(1\051 \050Nov) 250.17 634 T(. 1979\051 pp. 594-597.) 287.02 634 T([7]) 108 616 T1.37 (Nagle, J. B., \322An Obvious Password Detector) 144 616 P1.37 (,\323) 370.91 616 P2 F1.37 (comp.sour) 383.6 616 P1.37 (ces.unix) 433.46 616 P1 F1.37 (16) 476.79 616 P0 F1.37 (\05060\051 \050Nov) 488.79 616 P1.37 (.) 537 616 P(1988\051. USENET message 1) 144 602 T(175@\336g.bbn.com.) 276.13 602 T([8]) 108 584 T2 F0.77 (Passwor) 144 584 P0.77 (d Management Guideline) 184.87 584 P0 F0.77 (, Department of Defense report CSC-STD-002-) 308.33 584 P(85 \050Apr) 144 570 T(. 1985\051.) 180.98 570 T([9]) 108 552 T-0.61 (Peterson, J. L., \322Computer Programs for Detecting and Correcting Spelling Errors,\323) 144 552 P2 F(Communications of the ACM) 144 538 T1 F(23) 286.59 538 T0 F(\05012\051 \050Dec. 1980\051 pp. 676-687.) 298.58 538 T([10]) 108 520 T0.81 (Raleigh, T) 144 520 P0.81 (. M. and Underwood, R. W) 194.56 520 P0.81 (., \322CRACK: A Distributed Password Advi-) 328.41 520 P(sor) 144 506 T(,\323) 158.18 506 T2 F(Pr) 169.5 506 T(oceedings of the UNIX Security W) 181.05 506 T(orkshop) 344.16 506 T0 F( \0501988\051 pp. 12-13.) 382.8 506 T([1) 108 488 T(1]) 117.55 488 T0.85 (Saltzer) 144 488 P0.85 (, J. H. and Schroeder) 176.83 488 P0.85 (, M. D., \322The Protection of Information in Computer) 280.01 488 P(Systems,\323) 144 474 T2 F(Pr) 195.31 474 T(oceedings of the IEEE) 206.86 474 T1 F(63) 316.78 474 T0 F(\0509\051 \050Sep. 1975\051 pp. 1278-1308.) 328.77 474 T([12]) 108 456 T-0.34 (Spaf) 144 456 P-0.34 (ford, E., \322Preventing W) 165.77 456 P-0.34 (eak Password Choices,\323) 277.69 456 P2 F-0.34 (Pr) 395.24 456 P-0.34 (oceedings of the Fourteenth) 406.79 456 P(National Computer Security Confer) 144 442 T(ence) 315.13 442 T0 F( \050Oct. 1991\051 pp. 446-455.) 337.11 442 T([13]) 108 424 T2 F(System V Interface De\336nition) 144 424 T0 F(,) 284.9 424 T2 F(V) 290.89 424 T(olume II) 296.89 424 T0 F(, A) 337.19 424 T(T&T \0501986\051.) 350.51 424 T([14]) 108 406 T2 F0.37 (UNIX User) 144 406 P0.37 (\325) 199.11 406 P0.37 (s Refer) 201.56 406 P0.37 (ence Manual, 4.3 Berkeley Softwar) 235.13 406 P0.37 (e Distribution, V) 404.72 406 P0.37 (irtual V) 484.88 406 P0.37 (AX-) 521.35 406 P-0.42 (1) 144 392 P-0.42 (1 V) 149.11 392 P-0.42 (ersion) 163.68 392 P0 F-0.42 (, Computer Science Research Group, Department of Electrical Engineer-) 193.66 392 P1.04 (ing and Computer Science, University of California, Berkeley) 144 378 P1.04 (, CA \050April 1986\051.) 447.94 378 P(Reprinted by the USENIX Association \050June 1987\051.) 144 364 TFMENDPAGE%%EndPage: "9" 10%%Trailer%%BoundingBox: 0 0 612 792%%Pages: 9 1%%DocumentFonts: Times-Roman%%+ Times-Bold%%+ Times-Italic%%+ Symbol%%+ Times-BoldItalic

Paper	by	M.	Bishop,
1991.	The	author	describes	a
technique,	and	a	mechanism,	to
allow	users	to	select	passwords
which	to	them	are	easy
to	remember	but	to	others
would	be	very	difficult	to
guess.	[Post

http://seclab.cs.ucdavis.edu/papers/mb91c.ps

A Proactive Password Checker 2008 September

dvd rental

dvd

Paper by M. Bishop, 1991. The author describes a technique, and a mechanism, to allow users to select passwords which to them are easy to remember but to others would be very difficult to guess. [Post

Rules

Recommended Sites: 1. Arts - Business - Computers - Games - Health - Home - Kids and Teens - News - Recreation - Reference - Regional - Science - Shopping - Society - Sports - World Miss Gallery - Top Anime Hentai - DVD rental by mail - Loans - Nike Air Force Ones - Advertising - Loan - Hotels in Britian

2008-09-07 06:32:41

Copyright 2005, 2006 by Webmaster
Websites is cool :) 93��ka Do Masa�u - Hotel Rzym - Projekty Dom�w - Polish Stoneware - Magnesy