Empirical Study of Password Strength Meter Design

Abstract

Computer password was first used at the Massachusetts Institute of Technology around 1960 when researchers built a large-scale time-sharing computer called CTSS (Compatible Time Sharing System). There are many purposes where regular users require different passwords whenever they send and receive emails, do online shopping and numerous other activities on the internet. Surprisingly since the invention of the password, it has not been capable to protect the user accounts until now. There is no problem in using the similar password, but different passwords are often difficult to remember and mistakes can creep in rather easily. Many users do not know what kind of passwords should be chosen which will be strong enough to thwart all sorts of fraudulent activities. Thus, most passwords are not secure as they should be, and the users could become targets of attacks at any time. This research attempt, after a thorough literature review and in-depth empirical study, developed a software plug-in called `Password Strength Meter', which can be used to visually inform the user about the durability of their chosen password and an estimate on the timeframe it may take to break the password using standard cracking mechanism. The output of this empirical study has been widely appreciated by the users who have tested the developed software, stating that the confidence on their chosen password increases significantly while using this tool to form a password.