Special Characters Usage and Its Effect on Password Security

Document Type

Article

Publication Title

IEEE Internet of Things Journal

Abstract

Continuously preventing weak password attacks is one of the most important initiatives to secure IoT and smart contract platforms. Despite their significance as crucial components of passwords, special character segments have been overlooked. This study systematically investigates the basic characteristics and semantic patterns of special character segments. We assess the efficacy of special character segment characteristics in cracking trials through assimilation into the latest probabilistic context-free grammar (PCFG v4) method for password cracking by updating the preterminal structure or performing special character segment transformation. Experimental findings demonstrate that a mere 6% transformation rate improves the cracking rate by 3.72% under the optimal assimilation combination. Our investigation reveals that the current password creation policies of mainstream IoT platforms and smart contract wallets overestimate the strength of passwords with special characters. To enhance their passwords, users can employ low-frequency special character semantic strings. For IoT platforms or smart contract wallets, the use of blacklist constructed from special character segment characteristics can effectively mitigate the risk of overestimating the strength of passwords with special characters.

First Page

19440

Last Page

19453

DOI

10.1109/JIOT.2024.3367323

Publication Date

6-1-2024

Keywords

Internet of Things (IoT) platforms security, password analysis, password protection, smart contract wallet security, weak password attack

This document is currently not available here.

Share

COinS