Browse Prior Art Database

An algorithm or computer program to identify semantic user security password reuse.

IP.com Disclosure Number: IPCOM000236085D
Publication Date: 2014-Apr-04
Document File: 2 page(s) / 48K

Publishing Venue

The IP.com Prior Art Database

Abstract

An algorithm or computer program to identify semantic user security password reuse.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 54% of the total text.

Page 01 of 2

An algorithm or computer program to identify semantic user security password reuse.

Users that are required to remember passwords to access secure computer systems may follow a personal trend when choosing their passwords, in order to help themselves to remember their passwords; for example, cities of the world, football teams, types of flowers, family member names, etc.

    There is potential for a security breach if this personal trend becomes known to others with malicious intent. For example, if a user shares their password with someone else out of necessity but then changes their password within short timeframe, their personal trend may still have been exposed by sharing their password. While the password has been changed, if the same personal trend has been followed again, there is a possibility that the new password can be deduced as it follows the trend.

    Identification of semantic user password reuse is establishing if there is a "meaning" behind a chosen password and if that "meaning" is common to previous passwords chosen by that user.

  The system or computer program would comprise of the following logic: a) An algorithm to extract a dictionary words from a password string by using heuristics around password generation:

· One heuristic might be the fact that existing security password policies may require a number in a password, so replace numbers with similar looking letters.

· Another heuristic might be the fact that users can include leading or trailing characters or numbers in their password as a buffer in order to meet a specified minimum password length, strip away leading or trailing characters or numbers to reveal a dictionary word.

b) Use of the algorithm to e...