System and method for determining relative strength and crackability of a user's security password in real time
First Claim
1. A method of evaluating a potential password comprising:
- accessing a potential password for a user having multiple characters;
identifying, from among at least a numeric character type, a lowercase letter character type, an uppercase letter character type, and a nonalphanumeric character type, character types that correspond to the multiple characters included in the potential password;
detecting variations in the identified character types that correspond to the multiple characters included in the potential password by;
detecting whether the potential password includes at least one numeric character,detecting whether the potential password includes at least one lowercase letter character,detecting whether the potential password includes at least one uppercase letter character, anddetecting whether the potential password includes at least one nonalphanumeric character;
determining a total number of the multiple characters included in the potential password;
determining a number of repeated characters included in the multiple characters included in the potential password;
computing a measure that reflects the number of repeated characters relative to the total number of the multiple characters included in the potential password;
computing, by at least one computer and based on the detected variations in the identified character types and the computed measure that reflects the number of repeated characters relative to the total number of the multiple characters included in the potential password, a numeric value that corresponds to an amount of time estimated for cracking the potential password by;
modifying the numeric value in a manner that increases an amount of time estimated for cracking the potential password conditioned on detecting that the potential password includes at least one numeric character,modifying the numeric value in a manner that increases an amount of time estimated for cracking the potential password conditioned on detecting that the potential password includes at least one lowercase letter character,modifying the numeric value in a manner that increases an amount of time estimated for cracking the potential password conditioned on detecting that the potential password includes at least one uppercase letter character,modifying the numeric value in a manner that increases an amount of time estimated for cracking the potential password conditioned on detecting that the potential password includes at least one nonalphanumeric character, andmodifying the numeric value as a function of the computed measure that reflects the number of repeated characters relative to the total number of the multiple characters included in the potential password; and
making perceivable information as an indication of strength for the potential password based on the computed numeric value.
6 Assignments
0 Petitions
Accused Products
Abstract
System and method for determining crackability of a password in real time. The system and method include and involve a server system that serves a software package, and a client system that is coupled to the server system. The client system is configured to receive the software package. The software package includes a password entry facility permitting a user to enter a password candidate string one character at a time, and a strength determination facility configured to communicate with the password entry facility and to determine the crackability of the password candidate in real time repeatedly as each character of the password candidate string is entered into the password entry facility.
-
Citations
27 Claims
-
1. A method of evaluating a potential password comprising:
-
accessing a potential password for a user having multiple characters; identifying, from among at least a numeric character type, a lowercase letter character type, an uppercase letter character type, and a nonalphanumeric character type, character types that correspond to the multiple characters included in the potential password; detecting variations in the identified character types that correspond to the multiple characters included in the potential password by; detecting whether the potential password includes at least one numeric character, detecting whether the potential password includes at least one lowercase letter character, detecting whether the potential password includes at least one uppercase letter character, and detecting whether the potential password includes at least one nonalphanumeric character; determining a total number of the multiple characters included in the potential password; determining a number of repeated characters included in the multiple characters included in the potential password; computing a measure that reflects the number of repeated characters relative to the total number of the multiple characters included in the potential password; computing, by at least one computer and based on the detected variations in the identified character types and the computed measure that reflects the number of repeated characters relative to the total number of the multiple characters included in the potential password, a numeric value that corresponds to an amount of time estimated for cracking the potential password by; modifying the numeric value in a manner that increases an amount of time estimated for cracking the potential password conditioned on detecting that the potential password includes at least one numeric character, modifying the numeric value in a manner that increases an amount of time estimated for cracking the potential password conditioned on detecting that the potential password includes at least one lowercase letter character, modifying the numeric value in a manner that increases an amount of time estimated for cracking the potential password conditioned on detecting that the potential password includes at least one uppercase letter character, modifying the numeric value in a manner that increases an amount of time estimated for cracking the potential password conditioned on detecting that the potential password includes at least one nonalphanumeric character, and modifying the numeric value as a function of the computed measure that reflects the number of repeated characters relative to the total number of the multiple characters included in the potential password; and making perceivable information as an indication of strength for the potential password based on the computed numeric value. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. At least one storage device having stored thereon executable instructions that when executed by at least one computer cause the at least one computer to perform operations comprising:
-
accessing a potential password for a user having multiple characters; identifying, from among at least a numeric character type, a lowercase letter character type, an uppercase letter character type, and a nonalphanumeric character type, character types that correspond to the multiple characters included in the potential password; detecting variations in the identified character types that correspond to the multiple characters included in the potential password by; detecting whether the potential password includes at least one numeric character, detecting whether the potential password includes at least one lowercase letter character, detecting whether the potential password includes at least one uppercase letter character, and detecting whether the potential password includes at least one nonalphanumeric character; determining a total number of the multiple characters included in the potential password; determining a number of repeated characters included in the multiple characters included in the potential password; computing a measure that reflects the number of repeated characters relative to the total number of the multiple characters included in the potential password; computing, based on the detected variations in the identified character types and the computed measure that reflects the number of repeated characters relative to the total number of the multiple characters included in the potential password, a numeric value that corresponds to an amount of time estimated for cracking the potential password by; modifying the numeric value in a manner that increases an amount of time estimated for cracking the potential password conditioned on detecting that the potential password includes at least one numeric character, modifying the numeric value in a manner that increases an amount of time estimated for cracking the potential password conditioned on detecting that the potential password includes at least one lowercase letter character, modifying the numeric value in a manner that increases an amount of time estimated for cracking the potential password conditioned on detecting that the potential password includes at least one uppercase letter character, modifying the numeric value in a manner that increases an amount of time estimated for cracking the potential password conditioned on detecting that the potential password includes at least one nonalphanumeric character, and modifying the numeric value as a function of the computed measure that reflects the number of repeated characters relative to the total number of the multiple characters included in the potential password; and making perceivable information as an indication of strength for the potential password based on the computed numeric value. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A data processing system comprising:
-
at least one processing unit; and a data storage facility coupled to the at least one processing unit having executable instructions stored thereon which, when executed by the at least one processing unit, cause the at least one processing unit to perform operations comprising; accessing a potential password for a user having multiple characters; identifying, from among at least a numeric character type, a lowercase letter character type, an uppercase letter character type, and a nonalphanumeric character type, character types that correspond to the multiple characters included in the potential password; detecting variations in the identified character types that correspond to the multiple characters included in the potential password by; detecting whether the potential password includes at least one numeric character, detecting whether the potential password includes at least one lowercase letter character, detecting whether the potential password includes at least one uppercase letter character, and detecting whether the potential password includes at least one nonalphanumeric character; determining a total number of the multiple characters included in the potential password; determining a number of repeated characters included in the multiple characters included in the potential password; computing a measure that reflects the number of repeated characters relative to the total number of the multiple characters included in the potential password; computing, based on the detected variations in the identified character types and the computed measure that reflects the number of repeated characters relative to the total number of the multiple characters included in the potential password, a numeric value that corresponds to an amount of time estimated for cracking the potential password by; modifying the numeric value in a manner that increases an amount of time estimated for cracking the potential password conditioned on detecting that the potential password includes at least one numeric character, modifying the numeric value in a manner that increases an amount of time estimated for cracking the potential password conditioned on detecting that the potential password includes at least one lowercase letter character, modifying the numeric value in a manner that increases an amount of time estimated for cracking the potential password conditioned on detecting that the potential password includes at least one uppercase letter character, modifying the numeric value in a manner that increases an amount of time estimated for cracking the potential password conditioned on detecting that the potential password includes at least one nonalphanumeric character, and modifying the numeric value as a function of the computed measure that reflects the number of repeated characters relative to the total number of the multiple characters included in the potential password; and making perceivable information as an indication of strength for the potential password based on the computed numeric value. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
-
Specification